An Evolved Form of SMShing
SMShing is taking a more dangerous form to deceive unsuspecting victims.
Perpetrators are now bypassing the normal telecommunications channel by using a special device called an SMS Blaster. The device can send SMS or Text messages without credit or load, without a database, and without an internet connection.
The device acts like a stand-alone cell site and can detect cellphones that are active around it. It can also directly send text messages without needing to connect to a legitimate telecommunications company.
A feature of the SMS blaster is it can customize the sender of the SMShing message: it can come from a telco provider, a bank, a government agency, or a barangay official.
This makes it more difficult for recipients to check if the text message comes from a legitimate company or prominent official.
Given the sophisticated ways perpetrators try to steal our credentials and money, we have to be more vigilant.
- If your credentials have been harvested, enrolling your account to Multi-Factor Authentication provides a second layer of protection.
- Avoid suspicious links and check the link’s destination site first to ensure it is trusted and legitimate.
- Regularly update your device software and apps to ensure they have the latest security patches.
- Smart Communications, Inc. will never ask for payment, One-time PINs, credit card or bank account details, re-register Smart/TNT SIMs in exchange for prizes and giveaways.
- When in doubt, verify with legitimate channels of the concerned company – you can either call their hotline or validate through its legitimate social media pages.
- Report scam messages to Smart’s HULISCAM Anti-scam portal: https://smart.com.ph/huliscam
