Dear Colleagues,

As most of you are aware, phishing has become more and more prevalent. The FBI estimates that it is costing American businesses about $500 million per year. Social engineering — the use of deception to trick people into divulging confidential information – is the primary technique used in these highly successful attacks.

Phishing is a generic term that comes in several forms, such as spear-phishing (appears to be from someone you know), whaling (high value targets such as executives), vishing (over the phone), and smishing (via phone texts). As noted by the security awareness vendor KnowBe4, smishing is on the rise.

At the moment, there is a mystery shopping scam going on, starting out with a text invitation, asking you to send an email for more info which then gets you roped into the scam.

Always, when you get a text, remember to ‘Think Before You Tap’, because more and more, texts are being used for identity theft, bank account take-overs and to pressure you into giving out personal or company confidential information.

As a courtesy, KnowBe4 has posted a very useful Social Engineering Red Flags cheat sheet that ITS encourages you to review.