These days, it seems like every week there are new kinds of cyber attacks or scams. Fraudsters are getting increasingly inventive in how they try to get access to your important accounts, but you don’t have to bear the brunt of their attacks. Read on to learn more about some common cyber attacks and scams, and discover how you can better protect yourself.
What is smishing?
Have you ever gotten a text that looks like it came from your bank, asking you to verify your account information? Or someone messaged you saying you’ve won a contest, but you have to share some personal information to get your prize? Maybe someone texts you claiming to be from the IRS and gives you a phone number you need to call to discuss money you owe? These are all examples of smishing.
Smishing gets its name from the term SMS, or “short messaging system,” which is what a text is. Mash it up with the term “phishing,” which refers to a fraudster’s attempt to get you to reveal vital information that can be used to scam you, and you get smishing. If a smishing attempt doesn’t outright ask for your information via text or phone, chances are they guide you to an official-looking website that’s intended to fool you. Once you’re there, the site may ask you for everything from a credit card number to your social security number to your account username or password—or all of the above.
The good news is, there are steps you can take to ward off smishing scams. Click here to learn more about what you can do to protect yourself.
What is porting?
Let’s say you have a phone number associated with a phone activated under one mobile carrier, but you want to switch to another mobile carrier and take your phone number with you. That’s what porting is – keeping the same number as you change carriers. It can be very helpful for customers, but if a fraudster is able to port your number without you knowing, it could put your information at risk. You might not even be aware that it’s happened until you realize your phone has lost service, or is set to “emergency calls only.”
Here’s how they do it: using a fake ID and/or stolen personal information, a fraudster can try to take control of your phone number by porting it to a new carrier. Once they have your phone number ported, a fraudster can connect your number to a new device and use it to intercept messages from your bank or other personal accounts—which means they would get authentication messages associated with account logins. With that information in hand, they can gain access to your accounts—and lock you out or take your money.
You can reduce your risk of illegal porting by taking some additional safety steps. Click here to learn how to safeguard yourself against porting.
What is a SIM swap?
Here’s another way fraudsters can get access to your important account information—and they don’t even need your phone. First, it helps to know what a SIM card is. A SIM card is the small chip that goes in the tiny slot at the side of your phone. It acts as a connector between your account and phone and connects you to your mobile network.
A fraudster initiates a SIM swap by first learning as much personal information about you as they can—which they can do by attempting to phish you, or just by combing your social media accounts for some pertinent personal information. Once they have that, they can call your mobile service provider and convince the customer service representative that they’re you, and ask them to link your service to a SIM card they own. That reroutes all your calls and texts to the fraudster’s phone, giving them access to authentication requests and deactivating your phone.
There are ways to help defend against a SIM swap, though—you’re not powerless against them. Click here to find out what you can do to protect against a SIM swap.
What is social engineering?
Even if you’re not familiar with the term, chances are you’re already aware of social engineering. That’s the kind of scam where a fraudster tries to convince you they’re someone you know in some way to try and get you to reveal important information that they can use.
Think of scams where someone tries to convince you a friend or family member is in trouble, or claims a company you have an account with will shut it down unless you get in touch with them immediately, or pretends to be a collection agency working with the government. They’re not always negative, though—sometimes they pretend to be a company you love offering a discount, or wanting to verify your account information. If this sounds familiar to the smishing attacks we outlined above, you’re right—smishing attacks are often socially engineered. But social engineering attacks don’t just happen through text—they can happen by email, social media, or fraudsters calling you directly.
Don’t fall for social engineering. Click here to learn more about how to secure yourself and your accounts from social engineering attacks.
What is a man in the middle attack?
If you’ve ever gotten an authorization code from a company that’s asking you for additional account information, then had someone contact you attempting to get that code, you’ve been the victim of a man in the middle attack. This form of fraud is exactly as it sounds: a fraudster literally puts themself in the middle of your authentication process by attempting to get your code so they can use it to misrepresent themselves to the company that issued the code.
How does it work? Once a fraudster has your user ID or log in credentials, they can trigger an authorization code by trying to access the account or make changes to your account—say, by moving money around. When the code is sent to you, the fraudster will contact you pretending to be the company to try to get you to reveal the code to them so they can complete their scam transaction. By triggering an authentication code and getting that code from you, they can also change your password and lock you out of your account.
You definitely don’t want to fall prey to the man in the middle. Click here to learn how to put the kibosh on a man in the middle attack, and keep your accounts and identity more secure.
Cyber attacks and scams might be scary to think about, but you’re not powerless against them. Staying up to date on the latest scams and ways to prevent them gives you the best chance of protecting yourself.
This article is AT&T sponsored content written by Carly Milne, a TechBuzz contributor. The statements in this article are her own and don’t necessarily represent the positions, strategies, or opinions of AT&T.