Carnegie Mellon University

Stay Alert For Fraudulent Text Messages

February 29, 2024

Stay Alert For Fraudulent Text Messages

In the digital age, cyber threats have evolved beyond the traditional realm of computer viruses and malware. One such threat that has seen a significant rise is SMS-based phishing, or "smishing". This form of cyber attack leverages the trust users place in text messages, making it a potent tool for cybercriminals.  Over the last few months the Information Security Office has seen a rise in these fraudulent messages.

What is Smishing?

Smishing is a form of phishing where hackers send SMS messages to trick users into revealing sensitive information1. The message often contains a link that redirects the user to a fake website, which either prompts the user to enter their personal information or attempts to download malicious software onto their device1.  Hackers have increasingly been using publicly known information to imitate Senior leadership and send targeted messages to Carnegie Mellon students, faculty, and staff.

The Statistics Behind Smishing

The danger of smishing lies in its effectiveness. According to a report by SafetyDetectives, less than 35% of the population knows what smishing is1. This lack of awareness, coupled with the high response rates of SMS messages, makes smishing a highly successful form of cyber attack6.

In 2020, the Internet Crime Complaint Center (IC3) reported over 240,000 victims of phishing, smishing, vishing, and pharming, costing over $54 million in losses1. The average financial damage from smishing is $800 per individual globally3.

The Rise of Smishing

Smishing attacks have seen a dramatic increase in recent years. In the first two quarters of 2021 alone, smishing attacks expanded by over 700%4. This rise can be attributed to the growing reliance on mobile devices and the trust users place in text messages.

The Fight Against Smishing

Despite the rising threat of smishing, efforts are being made to combat this form of cyber attack. Telecommunications companies are working fast on attacking SMS-based scams1. However, the fight against smishing is a continuous battle, requiring constant vigilance and education.  It is important to be aware that the Information Security Office does not have the capability to monitor or block messages to cell phones.  Each person must do their best to be aware of these fraudulent messages and do their best to protect themselves.

Conclusion

As our reliance on digital communication grows, so too does the threat of cyber attacks like smishing. It's crucial for users to stay informed about these threats and take necessary precautions to protect their sensitive information. Remember, when it comes to text messages from unknown sources, it's always better to be safe than sorry.

Source(s)

  1. 11 Facts + Stats on Smishing (SMS Phishing) in 2024 - SafetyDetectives
  2. What Is Smishing? SMS Phishing Explained | Sinch
  3. Smishing Statistics 2023: The Latest Trends and Numbers in SMS Phishing
  4. 13+ Smishing Statistics in 2024 (SMS Phishing Attacks)
  5. 60+ Smishing Statistics in 2024 (SMS Phishing Attacks) - The Tech Report
  6. Smishing 101: Detecting and preventing SMS phishing attacks