Smishing (SMS or Text Attacks)
Smishing is a form of social engineering that exploits text messages. This attack involves scammers sending fake text messages that appear to be from a legitimate source, like Northfield Bank. The scammer wants to build rapport with you and will ask you to reveal sensitive information, clink on links, install some software, or go to specific dangerous websites.
To protect yourself from smishing attacks:
- Be cautious of unsolicited messages: If you receive a text message from an unknown number or someone claiming to be from a legitimate organization, be suspicious. Don't respond.
- Verify identities: If someone claims to be from a legitimate organization, try to verify their identity directly with the company. Don't rely on the information provided in the text, check your previous statements for the legitimate contact information.
- Do not reveal personal or financial information and do not respond to solicitations for information. This includes following links sent via email or text.
- Check website security: When entering sensitive information online, ensure the website's security by checking if it uses an encrypted connection (HTTPS). (ex. https://www.enorthfield.com)
- Pay attention to the website address or URLs: Look for misspellings or different variations including numbers or other characters.
- Keep your device(s) up to date: Install updates, patches and anti-virus software, on your devices including firewalls, and email filters to reduce the risk of malware and phishing attempts.
- Take advantage of any anti-phishing features offered by your email client and web browser to help detect and block suspicious messages and websites.
- Use strong passwords: Use a unique, long and strong password (or pass phrases) for the systems and services that contain sensitive information, like your financial service organizations.
- Enable multi-factor authentication where available for any system or service that contains or stores sensitive information.