Phishing attacks are the single most common form of cybercrime. In 2023, there were almost five million phishing attacks. The worst year on record for phishing. And since 2019, they have increased each year by more than 150%. Unfortunately, phishing and smishing are the most common attacks simply because it’s cheap and easy for attackers. The term “smishing” is a mix between short message service (SMS) and phishing. Phishing and smishing attacks are very similar, but phishing uses your email to try to get your personal information, and smishing contacts you through text messages.
There are ways to easily identify and avoid phishing and smishing attacks when it comes to your personal information and finances. By staying vigilant you can likely prevent any kind of phishing or smishing attacks that may happen to you. Learn what to do to protect yourself.
How to Spot a Phishing Email
- The sender’s email address is incorrect
Look at the email address that the email was sent to. If it seems suspicious or not consistent with the sender’s name or business, this is a red flag. An email reaches your work inbox and it’s supposed to be coming from a client email, but the email address reads something like: fakename123@gmail.com. However, it should be coming from a business email, not a personal email address. If you see an inconsistent email address, then you should make sure to report it. - Request for information
If you receive an email and it asks for your full name, address, and banking information then that is a clear indication it is a scam. No banks, including SouthWest Bank, will ever ask you for your personal information by email. - Suspicious links or attachments
Most people know you should never click on a link in an email if you are unsure what it is. It’s always a good idea to hover over the link if you are unsure what it is. That way you can see the domain and where it is sending you. In addition, if you see an attachment in an email and you didn’t expect it, do not open it. - Incorrect spelling or grammar
It’s important to check subject lines, body text, links, and signatures for spelling or grammatical errors. Frequent errors like this are a telltale sign that the email may be a phishing email. You should also look out for very generic messages (i.e., Dear Customer, Greetings User, etc.) when you are trying to determine if it is a phishing email.
Here is an example of a straightforward phishing email:
Scammers continue to get more and more creative with their messaging so emails asking to pay an invoice or change a password should be carefully monitored.
How to Spot a Text Scam or Smishing
Typically, a smishing scam attempts to impersonate a reputable business and it does this by trying to get you to click a link or phone number attached in the text. The phone number and area code tend to look like any others. These messages will typically come from credible sources like Amazon, FedEx, or UPS to make them seem more realistic. If you fall into clicking the link, then you will likely be asked to enter some kind of personal information like a social security number, credit card information, or other sensitive information. You could also unknowingly download malicious software to your device that can potentially collect personal information.
Here is an example of a smishing attempt:
What to do Next
Do not open or reply to the email if you have any suspicion of it being a phishing email. You should always report these kinds of emails. If you receive this in your personal email, you can go to IdentityTheft.gov and fill out the form. If you receive this kind of phishing email in your company email account, report it immediately to the IT department so that they can take the necessary precautions. Another tip you should always keep in mind is to make sure your computer is always up to date with the latest security software. This should occur daily, so you don’t go too long without the most current patches and updates.
As far as smishing you should;
- Never click links, reply to text messages, or call numbers you don't recognize.
- Do not respond to any unfamiliar or suspicious messages.
- Delete all unfamiliar and suspicious texts you receive.
- Make sure your cellphone is updated to the latest version, apple, or Samsung.
- Protect any sensitive personal information - bank accounts, health records, social media accounts, etc. – you can do this by adding two-factor authentication.
Always Stay Vigilant
The best way to protect yourself against these kinds of phishing or smishing attacks is to know what to look out for and always report anything you find to be suspicious. Never click on any links or attachments you are uncertain of, and never give your personal banking information out. Trust your instinct because it’s almost always going to be right. And remember that if you ever have questions about whether a legitimate email came from SouthWest Bank, we are always here to help. Contact us online or visit one of our Texas locations for more information.