Our smartphones, which we now have at our fingertips at all times, have become one of the most popular tools for fraudsters.
SMS messaging has become the main method used by scammers.
In other words, the phrase “You won a prize” in a text message we read or the bank’s warning “Change your password” may not be innocent at all.
SMS fraud is very common
A global cybersecurity company has released a report on SMS fraud that addresses this very issue. The report, which involved more than 7,000 participants, found that SMS fraud was the most common attack method at 45.4 percent and one in four experienced a security issue at least once a year.
The report also contains important conclusions regarding SMS fraud in Türkiye. This means that fake cargo delivery information, job offers from shopping sites and fake password updates from banks are the most commonly used methods in Turkey.
When such messages are received, users are advised that it is important to manually check the actual website or online application.
So what other precautions can we take against SMS scams? How can we ensure our own safety? We spoke to cyber security expert Tolga Mürtezaoğlu about the details.
“It should be checked who sent the SMS”
Recalling that SMS is a long-used means of communication, Mürtezaoğlu explains that it is an area where trust is gained.
However, “SMS spoofing” (smishing) has now become a reality, an attack technique that can reach its prey directly and poses a danger to millions of people, he says.
“When we receive an SMS, the first thing we should pay attention to is where it comes from… The sender number is very important, that should be our first filter. Never send messages from a corporate location, international number or personal number. Many platforms will give you the same warning when you log into that platform if there is a notification important enough to reach you via SMS. Then logging in to the sender of the message should be our first task after the number filter.
The content of the message is very important. In order to deceive us, the system must deceive us, that is, it must make us believe that the message is real. Then he must have very good knowledge of Turkish. There must be no spelling errors. “The general approach and writing style can also give away a fake SMS.”
“Don’t click on every link!”
The most commonly used method in SMS fraud is clicking on a link. Mürtezaoğlu states that the link in the message will be a shortened link and continues as follows:
“It all starts when we click on this link, otherwise the scam will end before it even begins. The link is not a long address, but rather a meaningless link that is shortened to fit in the text message.
So what should be done? The most effective method I've seen is to search for the incoming message in a search engine without being lazy.
They may also send you threatening text messages to scare you. If you see in the search engine that this message with the same text has been sent to thousands of people, you will be relieved and delete the message anyway. “If you search, you’ll see it being shared on social media and discussed in forums.”
The most frequently used news content is shared
Mürtezaoğlu also recommends a platform to be informed about fake news. “Siberay”, the unit of the General Directorate of Security that deals with cybercrime…
“Maybe their websites are a little behind, but they are constantly warning us on social media. For example, if fraudulent SMS messages such as “We could not deliver your cargo to you at the moment, your address is missing” are on the agenda, they will be at the forefront of Siberay's social media accounts. Even text message scams we’ve never heard of or thought about are being shared.”
“Anyone who responds to text messages is a target”
Tolga Mürtezaoğlu reveals another important detail about SMS fraud: “If you respond with an SMS or call the number instead of clicking on the link when the SMS comes, you will not be harmed.” However, he explains that now a goal is as follows:
“The sender of the message will recognize in the message report that you received and read the message. If you receive a response such as clicking the link or replying, you are now an approved and active SMS target. That means you get more text messages.”
“You can also send messages with the name of the person you know.”
Scammers can also change the name of the message to someone you know. Mürtezaoğlu states that this is not a widely used method. However, he also states that this can be prevented.
“Theoretically, it is possible for fraudsters to change the number the message comes from. They can write a company name or, if they have taken over a phone from someone you know, send messages from that phone and also duplicate the SIM card to deceive you.
But that doesn't happen very often. Some settings and applications allow you to block SPAM text messages or choose not to receive text messages from numbers you do not recognize, that is, from numbers that are not in your contact list. But really important news can also be missed in this way.”
Bir yanıt yazın