US Bank Scams Are Now Targeting Calgary Businesses
Key Points:
- Calgary businesses are being targeted by US-based banks in fraudulent SMS messages.
- The messages claim to be from a legitimate bank and instruct the recipient to click on a link to update their account information.
- The link leads to a phishing website that is designed to steal the victim’s personal and financial information.
Unsolicited text messages like smishing can be a way for hackers to gain access to your device and cause serious damage. Smishing is the act of sending spoofed text messages that appear to come from a legitimate source, like a financial institution or government agency.
These texts often contain links or attachments that can infect your device with malware. In some cases, these attacks can lead to identity theft or financial loss. To protect yourself from smishing attacks, it’s important to be aware of the signs and know how to report them.
What’s Happening?
There have been reports of smishing attacks in which businesses in Calgary are being targeted by US-based banks. This is a type of phishing attack in which the attacker poses as a legitimate bank or financial institution and tries to trick the victim into giving up sensitive information such as login credentials.
These messages often come in the form of an SMS or text message and claim that the recipient’s account has been compromised or that there is a problem with their account. The message will request that the recipient clicks on a link to resolve the issue.
Clicking on the link will take the victim to a fake website that looks like a legitimate bank’s website. The victim is then asked to enter their login information, which the attacker can then use to gain access to the victim’s account.
If you receive any suspicious messages, do not click on any links and do not reply to the message. Examples of the types of suspicious messages that have been reported include:
- “Your (bank name) account has been compromised. Please click the link to update your information.”
- “There is a problem with your (bank name) account. Please click the link to resolve the issue.”
- “Your (bank name) account has been suspended. Please click the link to reactivate your account.”
Protect Your Calgary Business From US Bank Scams
Perpetrators of smishing attacks will always try to hide their tracks by posing as someone you trust. However, no matter how convincing they may be, there are always ways to identify them.
Here are some things to look out for when spotting a smishing text:
- The sender’s number or name doesn’t match up with the organization they claim to be from: This is a big red flag, as legitimate organizations will always use a verified number or email address.
- You weren’t expecting to receive a message from them: If you’re not expecting to hear from the sender, be suspicious. Organizations that you do business with will usually only contact you if you’ve permitted them to do so.
- The message contains poor grammar or spelling mistakes: This is another common sign that the text is not from a legitimate source. Most organizations have someone proofread their communications before they go out.
- The message prompts you to take immediate action: Hackers will try to create a sense of urgency to get you to act without thinking. If a message tells you that you need to click on a link or provide personal information right away, be very wary.
Don’t Be a Victim of SMS Phishing Scams
It seems like every day there’s a new story about some type of fraud or scam that’s being perpetrated online. While it’s important to be aware of the risks, it’s also important not to let the fear of being scammed keep you from enjoying the many benefits of the internet.
There are some simple steps you can take to protect yourself from SMS phishing scams:
- Never click on links in unsolicited messages, even if they appear to come from a legitimate source.
- If you’re unsure whether a message is legitimate, contact the company or financial institution directly.
- Do not use the contact information in the message.
- Do not reply to unsolicited messages. If you do, you may confirm your phone number and unwittingly opt-in to receive future messages.
- Never give out personal or financial information in response to an unsolicited message.
- Keep your anti-virus and anti-malware software up to date.
Security Awareness Training Can Help
One of the best ways to protect your business from smishing attacks is to educate your employees about the dangers of clicking on links in unsolicited text messages. Security awareness training can help employees become more suspicious of phishing attempts and less likely to fall for them.
Some things you can cover in your training include:
- How to spot a phishing text: As we mentioned above, there are some common signs that a text is not from a legitimate source. Train your employees to look out for these red flags.
- What to do if they receive a phishing text: If an employee does receive a suspicious text, they should know not to reply to it or click on any links. They should also report the message to a supervisor or someone in your IT department.
- How to report phishing texts: Teach employees how to forward suspicious texts to your IT department or the Canadian Anti-Fraud Centre. Providing employees with this information can help you quickly identify and stop attacks.
By equipping your employees with the knowledge and tools they need to identify smishing scams, you can help keep your business safe. Smishing attacks are a serious threat to businesses of all sizes. By being aware of the dangers and taking steps to protect yourself, you can help keep your business safe.
Pure IT Protects Our Clients From Social Engineering Attacks
Here at Pure IT, we have a team of dedicated IT professionals who can help you protect your business from various forms of social engineering attacks, like phishing and smishing. We can provide you with a robust, multi-layered cyber defence program that will help to create a safe and secure network for your business.
Our mission is to help you by sharing our knowledge and expertise in both IT and cybersecurity. If you think your business may be at risk of a social engineering attack, or if you’ve already been a victim of one, contact us today. We can help you assess the situation and put a plan in place to help protect your business from future attacks.