Smishing - the new cybercrime trend

B2B Cyber ​​Security ShortNews

Share post

Phishing is known to almost everyone today. Data theft by email has already made life difficult for many private individuals and companies. But now comes Smishing.

In the course of digitization and with the pandemic as a driver, mobile devices are becoming more important in every company, be it the office cell phone in the home office or mobile devices in production. Cyber ​​criminals know this too, so they are looking for new ways to dupe users with false information. The new scam: smishing.

What exactly is smishing?

Working from home or on the go is increasingly becoming part of everyday life for many professionals. For many activities, you don't need more than your company smartphone and laptop to do your daily work. Production processes are also increasingly being controlled by mobile devices and are opening up completely new opportunities for hackers to access company data beyond email phishing. The optimal gateway is a mobile device. This new way of spreading malware is called smishing - a combination of the terms “SMS” and “phishing”. The term includes all attempts at fraud via SMS, WhatsApp and other messenger services by which criminals try to spread malware or access sensitive data.

Why is smishing so dangerous?

Where users look twice at emails due to years of experience, they often lack a critical eye when they receive a text message via SMS on their cell phone. Smishing is still quite unknown, which is why the potential victims run the risk of clicking on a link that leads to a deceptively real fake website. This is exactly what makes these devices a popular target for hackers. In addition, phishing attacks have become more and more sophisticated in recent years, which is why these attacks are so successful. Fake SMS are copied almost 1: 1 from messages from well-known companies and thus give the recipient a serious impression. For example, alleged messages from a shipping company that contain a fraudulent tracking link. Smishing is becoming a very lucrative concept for cyber criminals.

How can you protect yourself?

Mobile devices are just as high a risk as the email inbox on the desktop computer. Security officers must also take measures for mobile security accordingly. While employee training can prevent many attempts at smishing, companies shouldn't rely on them alone. Those who rely solely on the constant attention of their employees run the risk of having to face the sometimes serious consequences. In the worst case, phishing attacks can bring entire companies to a standstill. Hackers have found a new backdoor in text messaging that companies urgently need to block from the start. The implementation of a comprehensive security concept that also takes mobile devices into account is essential. The new types of attacks can be detected and remedied by Unified Endpoint Management (UEM) across all mobile threat vectors. Trusting your employees is good, but sophisticated attacks require an equally well thought-out zero trust strategy so that a fleeting mistake doesn't turn into a full-blown problem.

More on this at


About MobileIron

MobileIron is redefining enterprise security with the industry's first mobile-centric zero trust platform built on top of Unified Endpoint Management (UEM) to secure unlimited access to and protection of data across the enterprise. Zero Trust assumes that cyber criminals are already on the network and that secure access is determined by a "never trust, always verify" approach. MobileIron goes beyond identity management and gateway approaches by using a broader set of attributes before granting access. A mobile-centric zero trust approach validates the device, establishes the user context, checks the authorization of applications, verifies the network and detects and corrects threats before a secure access to a device or a user is granted.

The MobileIron security platform is built on the foundation of the award-winning and industry-leading Unified Endpoint Management (UEM) capabilities with additional zero-trust enabling technologies, including zero-sign-on (ZSO), multi-factor authentication (MFA) and mobile threat Defense (MTD). Over 20.000 customers, including the world's largest financial institutions, intelligence services, and other highly regulated companies, have chosen MobileIron to provide a seamless and secure user experience by ensuring that only authorized users, devices, applications, and services access corporate resources can.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more