skip to Main Content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038

    Smishing attacks up sevenfold in six months

    Smishing Attacks

    The volume of scam text messages – commonly known as smishing scams – sent to UK mobile customers during the first six months of 2021 grew by close to 700% compared with the last six months of 2020, according to new data from consumer affairs organisation Which?.

    Which?’s data, which is drawn both from its own Scam Sharer service and the 7726 (S-P-A-M) reporting service run by Proofpoint, reveals how the Covid-19 pandemic has spurred fraudsters and cyber criminals to take advantage of consumers’ increased reliance on digital services, and the UK has been particularly hard hit – reports of smishing scams in this country are more than 15 times higher than in the US.

    As a result, Which? is today launching a guide, which can be downloaded here, with support from multiple organisations, to help businesses protect their customers and differentiate their legitimate texts from fake ones. Some of the tips include avoiding the use of hyperlinks if possible, not including phone numbers, and protecting their SMS Sender ID so that it cannot be spoofed.

    “Smishing attempts have risen dramatically – with fraudsters taking advantage of the pandemic to trick consumers into giving away personal details and transferring their hard-earned cash,” said Rocio Concha, director of policy and advocacy at Which?.

    “Businesses must play their part to protect people from scams. Our SMS guide aims to help organisations differentiate their texts from the scammers impersonating them, so consumers can more easily recognise scam SMS messages.

    “We welcome the commitment by the businesses that have signed up to our guide and hope this will encourage more organisations to consider how they can better protect their customers from fraud.”

    Which? said the prevalence of such scams was making it harder and harder for ordinary people to tell genuine business texts from fake ones, and making the majority of people – 71%, according to polling conducted by Opinium for Which? in May – wary of any communications at all.

    Among the brands commonly impersonated in smishing scams are banks, delivery companies, retailers and communications services providers, but Which? and Proofpoint’s data shows that it is parcel delivery and banking scams that are the most prevalent because both sectors do make use of legitimate text messages to contact customers.Of these, parcel delivery scams are by far the most common, occurring at a ratio of three to one compared with banking scams. Delivery providers DPD and Hermes have both signed on to adopt the guide, as well as Barclays and TSB banks.

    Other supporters of the initiative include mobile industry trade body Mobile UK, AICES, which represents delivery companies, and international consumer affairs association Consumers International.

    With new smishing tactics out in the wild, it’s important for your users to take every text message seriously. Frequent phishing tests and new-school security awareness training can ensure your users are prepared to spot and report any suspicious activity. 

    With thanks to Computer Weekly. The Full story is here:

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    PST Results

    Here’s how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: This


    Sign Up to the TIO Intel Alerts!

    Back To Top