Smishing, a portmanteau of “SMS” and “phishing,” refers to phishing attacks conducted through text messages. These attacks aim to deceive individuals into divulging sensitive information such as passwords, credit card numbers, or other personal data. Now as a result of a recent AT&T data leak, they could easily be received by those closest to you. The recent Snowflake / AT&T data leak has underscored the urgency of understanding and protecting against smishing threats.

What Happened:
Snowflake is software platform that provides data management and analytics capabilities for their customers. Due to relaxed security policies, Snowflake did not require customers to protect their data assets on the platform with industry-standard cybersecurity methods such as Multi-Factor Authentication (MFA). Consequently, according to one of Snowflake’s cybersecurity partners, at least 165 Snowflake customers were notified of the potential exposure…including AT&T who is currently informing ‘nearly all’ of its customers of the data leak.

The Potential Impact:
What caught my attention is the scope of the information involved in the leak. According to the AT&T notification:

“What information was involved?
The investigation indicates the data included the phone numbers of your call and text interactions from May 1, 2022 to October 31, 2022. It also included counts of those calls/texts and total call durations for specific days or months.”

This means that following a recent completely different AT&T data breach that exposed sensitive information such as Social Security Numbers and Date of Births, malicious actors now have access to all of the people we have called or texted over a six month period. The ease of correlating key relationships, the frequency of contact, then subsequently targeting those contacts with a spoofed phone number and a very specific request is incredibly unsettling.

 

How you can avoid falling victim to smishing attacks?

Understanding Smishing

Smishing works similarly to email phishing but utilizes text messages instead of emails. Cybercriminals send messages that appear to come from legitimate sources, such as banks, service providers, or even acquaintances. These messages often contain urgent requests or attractive offers designed to trick recipients into clicking on malicious links or providing personal information.

Tips to Avoid Falling for Smishing Attacks

1. Verify the Sender
– Be cautious of messages from unknown numbers. Even if a message appears to come from a known contact, it’s wise to verify its legitimacy through a separate communication channel.

2. Look for Red Flags
– Be wary of messages that create a sense of urgency or fear, such as warnings about account suspensions or urgent requests for payment. Legitimate companies typically do not ask for sensitive information via text messages.

3. Avoid Clicking on Links
– Do not click on links in unsolicited messages. If you receive a message claiming to be from a company, manually type the company’s website address into your browser to verify the information.

4. Do Not Share Personal Information
– Never provide personal information, such as passwords, Social Security numbers, or credit card details, in response to a text message.

5. Use Security Features
– Enable security features on your phone, such as two-factor authentication (2FA) and spam filters, to add extra layers of protection.

6. Report Suspicious Messages
– Report any suspicious messages to your mobile carrier and the company purportedly sending the message. This helps in taking down the malicious numbers and alerting others to the threat.

7. Stay Informed
– Keep abreast of the latest cybersecurity threats and tactics. Awareness is a powerful tool in recognizing and avoiding potential scams.

What to Do If You’ve Been Targeted

If you suspect you’ve received a smishing message or fallen victim to a smishing attack, take immediate action:

1. Do Not Respond!
– Do not reply to the message or engage with the sender.

2. Delete the Message
– Delete the suspicious message from your device to avoid accidentally interacting with it in the future.

3. Change Your Passwords
– If you’ve clicked on a link or provided information, change your passwords immediately and monitor your accounts for unusual activity.

4. Contact Your Bank and Mobile Carrier
– Inform your bank and mobile carrier about the potential breach. They can help secure your accounts and prevent further unauthorized access.

5. Report to Authorities
– Report the incident to the Federal Trade Commission (FTC) and your local law enforcement to assist in tracking and mitigating smishing attacks.

Conclusion

The Snowflake / AT&T data leak serves as a stark reminder of the importance of cybersecurity vigilance. By understanding the nature of smishing attacks and implementing the preventive measures outlined above, you can significantly reduce the risk of falling victim to these scams. Stay cautious, stay informed, and always prioritize your digital security.

NOVO has a track record of protecting our customers’ data through the implementation and management of Microsoft solutions that mitigate data exfiltration risks. 

Cornerstones of protection include:

  • Azure Information Protection enables data classification and labeling, ensuring sensitive data is recognized and handled securely.
  • Microsoft Defender for Cloud provides advanced threat detection and alerts, helping identify suspicious activity within cloud and on-premises environments.
  • Endpoint security through Microsoft Defender for Endpoint safeguards devices by identifying and isolating potential threats, while Microsoft Intune manages and secures devices across the organization, enforcing security policies and limiting data transfer.
  • Microsoft Purview, with its data loss prevention (DLP) capabilities, monitors and controls the movement of sensitive data, preventing it from being shared inappropriately or leaving the organization’s control.