Are you prepared for vishing and smishing cyber-attacks?
Many local government employees are provided with mobile phones for work, rather than traditional landlines.  This is a trend across a variety of industries and cyber-criminals are taking advantage.

New cyber-attacks using vishing and smishing techniques are now emerging, targeting employees not just on their computers but on their mobile phones.

There may be times when you receive a message claiming to be from your organisation's leaders or service desk on your device though social media apps.  It gets a lot harder to identify whether these messages are from a trusted source or not.

Therefore, members need to be cautious when clicking on any of these messages. These phishing messages which now target mobile phones are often referred to as vishing and smishing attacks.

Vishing

Often referred to as voice phishing, vishing is a cybercrime technique where a phone is used to steal confidential data. These criminals use social engineering tactics to persuade their targets to divulge personal information like bank account details.

It is basically an art of convincing a potential victim over a phone call that the scammers are legitimate and working in the best interest of the target. These criminals often pretend to be government, tax department, police or bank officials.

They use a language of persuasive threats where the target is made to feel that the option provided is the only one and will benefit the target.

How to prevent vishing

  • Do not provide any sort of personal information over phone calls.
  • Pay attention to the kind of language being used by the alleged scammer.
  • Never confirm your identity over calls coming from unknown sources.
  • If you receive a call from an unknown number, let it go on a voicemail so that you can listen to it later.
  • Never revert to social media messages and emails that ask for your contact number.

Smishing

Smishing is another type of cyber fraud done using a mobile phone but operated through SMS. The scammer will send you fake texts to extract your personal or organisation's information and may pretend to be from a trusted source like your manager or bank.

How to prevent smishing

  • If you are suspicious about a particular number, do a google search for that number. If it belongs to the scammer, you will find warnings against that number.
  • If the message contains any links, do not open. It might be a trick to hack your phone.
  • Research trusted anti-malware apps and download.
  • Any text message that reflects urgency in its language is the biggest hint. Slow down to think and reassess.

For support on improving your local government's cyber-security practices contact your account manager.