What You Should Know About SMS Phishing Attacks

Defenses in social media, finance or in different fields are defenses against one of the most frequently used cyber attacks.

One of the most common tactics is SMS phishing. An SMS phishing attack is to take these first three steps:

Don’t click the link!
Copy the message and send it to the relevant organizations in your country to help them detect and block malicious messages between them.
Take a screenshot of the message and save it and forward it to the authorized institution if requested.

What is SMS scam?

Phishing is a type of exploitation attack in which a cyberstalker attempts to click on a malicious link or attachment by deceiving its target by impersonating a legitimate entity or organization. This could allow hackers to steal their victims’ sensitive files or infect their devices with malware.

You may already be familiar with common phishing attacks of email, where the attacker delivers a phishing message via email. However, in recent years, attackers have adopted a new type of delivery method: SMS, aka text messaging.

SMS phishing, also known as “Smishing”, is a type of phishing attack based on malicious messages and even thousands of mobile phone numbers, in which an attacker tries to trick and deceive recipients into some act against their interests.

Especially for crypto holders, the goal is to be able to steal their funds and gain access to the buyer’s crypto wallet or account. SMS phishing is hugely problematic in crypto for two reasons:

Cybercriminals have an ever-increasing incentive to steal crypto assets due to the unprecedented increase in their monetary value.
Crypto asset transactions are irreversible once the transaction is confirmed and written to the blockchain ledger.

If you have invested in crypto, or even intend to, we strongly recommend that you take the time to understand how to identify this common threat and what to do if you receive one of these messages.

How to identify SMS phishing?

Phishing messages can be easily detected 99.9% of the time by completing three simple checks. For this lesson, let’s use the following Coinbase SMS phishing message as an example:

Shipping Number: One of the first things to check is the phone number to which the message was sent. Doing a quick Google search will see that this phone number is probably associated with a scam — this is your first red flag.
Message: Grammar errors are usually a red flag indicating that the message is probably a hoax. If there is no grammar problem, check the purpose of the message. Phishing messages often try to exploit your emotions by creating fear or excitement. If you receive an emotionally triggering message, good or bad, it could be a phishing message and should be a red flag.
Link: Finally, always be sure to review the link. Clear and simple, if the link doesn’t include the domain Coinbase.com, it’s phishing.

What should you do if you receive an SMS phishing message?

Now that you have the tools to detect SMS phishing messages, the question is: What should you do if you receive an SMS phishing message?

Fortunately, to protect yourself, the correct answer is very easy: Don’t click the link!

You can help mobile operators detect and block malicious messages on their networks by sending a copy of the phishing SMS to the relevant agency in your country.

If you know the phishing site, you can have the security team investigate the phishing link and send abuse reports to organizations that can help shut the phishing site down.

As the popularity of cryptocurrency grows, cybercriminals will seek to innovate and discover new ways to access your investments. Companies continue to inform their customers of emerging threats through sms marketing. However, it is also imperative that you take the security of your account into your own hands.

Additional SMS phishing examples

The phone number is largely unknown according to Google.
The message also has a grammar problem and is trying to create a fear response regarding unauthorized account access.
The link is not Coinbase.com. The domain in this link is what is known as the International Domain Name (IDN). Note the special character accent in “b”. Attackers often use IDNs in phishing attacks, as the letters can be very similar to the word Coinbase.

The phone number is abnormally long and suspicious.
The message has many grammatical problems and is trying to stir up excitement by stating that 21 BTC was received.
The link is not Coinbase.com.

Phone number is largely unknown according to Google
The message tries to stir up excitement by stating that 0.59 BTC has been received
The link is not Coinbase.com (note that the link actually goes to the ssl-coinbase[.]com domain)