When we make credit or purchases at the store we always keep our card in sight and carefully hide our pin number from prying eyes; We’re savvy about emails promising us the lion’s share of a Nigerian estate settlement and those that congratulate us on winning the Irish Sweepstakes when we’ve never set foot outside of Canada or even bought a ticket. We are always on high alert knowing that these tactics are fraudulent and we know they’re a scam.
But can we truly manage to keep from falling prey to cyber predators?
While emails offering outrageous windfalls can often be questioned using common sense, sometime those from supposedly legitimate sources have shown that they can truly throw us off-guard.
That’s because criminals often send fake and often well-crafted emails known as “spoof” or “phishing” emails that are designed to look like the real thing. With strong wording, these emails encourage us to click on links within the email that will direct us to fake websites, disguised as the legitimate sites of trusted institutions like our bank, PayPal or companies like eBay or Best Buy.
Like trying to avoid the wrath of the Borg, we comply, because, we’re worried about the consequences if we don’t. However, once those personal details turn to keystrokes, it’s too late!
Many organizations and institutions are doing their best to alert businesses and keep consumers informed, but those that are determined to continue in their dastardly ways remain persistent.
Technology Changes Criminal Behavior
In fact, according to PayPal Canada, who did a study ahead of Fraud Protection Month (March), found that as technology changes, so does criminal behavior.
Do you have the same Spidey senses when it comes to your smartphone?
Attacks made via e-mail have gone beyond the desktop and are now targeting mobile devices like cell phones and smartphones through SMS or text messaging. This more recent phenomenon is called SMiShing, a term derived from “SMs phISHING“.
Again like emails, they can take many forms, but the criminal’s goal is still to lure you to a fraudulent site or trick you into revealing personal information.
But unlike emails, text messages are sent through a phone number and because of this people may be less likely to think it’s fraudulent and furthermore, while these have not been as prevalent, yet, it’s more likely people will be caught in the criminal’s web.
Forms of SMiShing
SMiShing can show up in various forms. The message may be a request to call your bank with the bank’s phone number in the form of a hyperlink; it might be a request to enter or reconfirm your debit card’s PIN or your CVV, the 3 digit code on the back of your credit card.
But sometimes a criminal’s intent can be quite cruel, playing on your fear, with the lure disguised as a message alerting you to a supposed emergency. And in a moment of panic, especially since the text came right to your phone, you can see how easy it would be to become a victim.
It’s not just SMiShing that could open you up to potential fraud. Losing your phone or having it stolen, which according to a January 2012 survey conducted by Ipsos Reid on behalf of PayPal Canada, has happened to about 28% of smartphone owners in Canada (23% lost, 5% stolen).
A few suggestions to protect yourself would be to obviously keep an eye on your phone; password protect, be aware of the data including information within emails stored on it and also be wary of apps downloaded from unknown sources. You may also consider investing in apps like Kaspersky Labs Mobile Security or Intego Virus Barrier for iOS.
“Your smartphone is like a safe that no one should crack,” says Nicky Mezo, head of Marketing, PayPal Canada.
So with March being fraud prevention month there is no better time like right now to start thinking about protecting your data and financial information through your smartphone from now on, as you do you computer.
For more helpful hints about how to stay safe, you can visit PayPal’s online Security Centre.
photo courtesy: Victor Habbick
Greg Gazin is the Real Canadian Gadget Guy.
Follow me on Twitter @gadgetgreg.