SMISHING
EXPLODING In AUSTRALIA
Smishing - a hybrid of SMS and Phishing.
It is a particular kind of scam when a criminal sends text messages to lure victims to expose sensitive information, download malware and give away money. Using the same typical tactics in other phishing, smishers, posing as significant individuals or institutions, threaten you with fines or give you a deal too good to be two. Sometimes, they send texts during current events to make these scams seem more authentic.
While users today are suspicious of scam emails, they are typically less vigilant for these shady messages. Because of this, smishers are putting so much effort to design different scripts to defraud people's money, leading to phenomenal growth.
-
Authority: the message claims to be from an official source.
-
Urgency: you're informed that you only have so much time to answer.
-
Emotion: the message makes you feel anxious, scared, hopeful, or inquisitive.
-
Scarcity: It gives you an offer that seems too good to be true.
-
Current events: Do you anticipate receiving a message like this? Some scammers pose as representatives of the tax office during tax season.
situation in australia
According to the Australian Competition and Consumer Commission's (ACCC) Scamwatch, frauds set records last year with more than $323 million in losses and 286,000 reports. And the figure will rise even further in 2022, with nearly $430 million in damages and more than 200 thousand reports made so far.
Phishing scams have been the most prevalent method of attack used so far by cyber criminals, with 6,326 reports made on August 2022. The majority of those phishing scams—46.3% of all reports—are sent via text messages.
With 2,927 reports and $856,807 in losses on August 2022, smishing has been exploding and costing million dollars of vulnerable Australians. The top age group that phone scammers target in Australia is those under 25, particularly elderly folks over 65, according to ACCC Scamwatch.
Nowadays, more than two-thirds of Australians have received obnoxious SMS from individuals posing as representatives of reputable companies or the government in an effort to obtain their personal information.
Scams have severe effects on people's life. A Vodafone user named Joy shared how annoying and frustrating it is to consistently receive these scam texts every week. Although they seem to not bother her, they do. "Once, as I was waiting for my boss' message and in a rush, I received one of these fake messages. It was really a bad experience, making me so frustrated,” she said.
"Even if you don't fall victim, scam texts can be incredibly unpleasant."
Chloe - Optus customer
Smishing isn’t just annoying. These SMS scams can be extremely sophisticated and have catastrophic effects on victims' finances and emotional well-being. In certain cases, those who receive scam SMS may not fall for the hoax, but they may nevertheless experience distress. An Optus customer named Chole revealed her experience of nearly falling prey to scamming.
causes
of this phenomenon
Why are we getting so many of these scam texts right now?
Firstly, phishing via text message works. Attackers are working so hard to create these frauds because 98% of texts are read, and 45% of them are replied to, compared to 20% and 6% for emails, respectively. In terms of the effectiveness of smishing, Lyndsey Jackson, former Chair of Electronic Frontiers Australia (EFA) organisation, stated that there is a contribution of multiple factors.
"There is a mix of individual behaviours, the availability and accessibility of mobile phones, and the software that allows for mass SMS to be sent."
Lyndsey Jackson
Secondly, the issue of information privacy is another factor. If you're receiving texts from strangers, it's probably because a data breach resulted in the loss of your phone number. This implies that there is a data provider out there who has compromised our information through leaks, sales, or carelessness. The most recent significant data breach event at Optus, which exposed the private information of millions of consumers, is an excellent illustration of how the company's weak security procedures have an influence on the data of vulnerable individuals.
Besides, this event also shows the risks to people's privacy when the company collects large amounts of personal data and retains it for a long time. The data breach at Optus has affected not only current but also former consumers because Optus mandated that they must store data for six years.
“Following the Optus data breach event, people should notify of why these companies collect so much data and why they hold on to it for an extended period of time."
Lyndsey Jackson
actions needed
Caused by a variety of factors, the explosion of smishing requires multiple steps to be taken.
By individuals
-
Raising awareness about smishing: people need to start being cautious about the messages they get, keep up with the most recent scams on Scamwatch, and be aware of what to do if they fall victim.
-
Changing behaviours: people need to rethink their regular habits when entering personal information, particularly phone numbers.
By the industry
Actively disrupting scam activities: telcos should have solutions to track and block them as much as they can. Telstra, for example, have recently activated a brand-new SMS scam filter that stops these messages at the network level before they even get to users' mobile devices.
By the government
Enhancing laws to protect individuals' data: Besides the strict new rules for mobile providers to stop smishing activities, the government should concern more about offering high safeguards for personal information. The Optus data breach has sparked calls for changes in Australia’s data privacy laws and regulations that should put limits on how much data companies can collect, or for how long they can keep that information. In addition, we need more individuals' right of action when businesses hold customer data for an excessive amount of time or fail to protect it.
Minimising the data collected minimises the risk of harm.
