Don’t take the bait!

I suppose if I was a fish, nothing would be more tempting to me than a small, slow multi-colored something that looks an awful lot like another juicy fish swimming by me in an unassuming manner at a time when I’m really hungry or just bored. Low hanging fruit, right? My natural tendency would probably be to jump on it, swim over to it quickly and gobble it up before another fish grabbed it, never thinking there was something, well, fishy about it.

If I take the bait I would soon find myself with a mouthful of hooks. Or worse.

From fishing to phishing.

Internet scammers figured out a long time ago that some people would act with as little caution as fish, and the term phishing came into our collective vernacular. Phishing is the process of trying to obtain sensitive personal information through electronic media—emails and fake websites—to ultimately be used for nefarious purposes like obtaining credit in our names or worse, even accessing our personal banking accounts. Phishing aims to trick us all into believing we’ve stumbled upon something too good to be true. In fact, it always is, and before the practice was clarified, a lot of people suffered. Even with solid information out there to protect against it and warnings everywhere, thousands of people still fall victim to phishing scams every day.

From phishing to SMiShing.

Now comes SMiShing. Think phishing on a smartphone. The same tactics used successfully by phishing scammers have now been unleashed upon smartphone users. And why not, really! Smartphone penetration is at an all-time high and growing, and we’ve been lead to believe that mobile connections are digital and secure—even more secure than internal, password-protected networks. To an extent, they are.

But not when user error enters in. A smartphone is only as secure as the mindset of the person in whose hand it rests. If you are prone to phishing scams on your laptop, you’re likely to be prone to SMiShing scams on your smartphone.

Fortunately, there is a simple safeguard.

Just like the email from an unknown source or the website with a strange address, there is one, simple thing you should always do. Well, actually, never do. Don’t click the link! No matter how enticing, or how innocent it feels, don’t do it. It’s always the safest, most prudent course of action.

Let’s say you receive a SMiSh from Royal Caribbean Cruises with a special $299 5-day cruise offer just for you, don’t click the link. Don’t click the link! First, no offer is just for you. Second, if there is a special offer, it will be on the Royal Caribbean Cruise website. So open a browser window, enter the website address for Royal Caribbean and see what offers they have at their site. That’s the smart way to go, and will offer you far more protection against your personal information being stolen and possibly compromised.

I don’t want to be a fish. And I don’t want to be phished, or SMiShed.

And I don’t want you to be either.