The national centre for cyber-security (CCB) has issued a warning of a ‘tsunami’ of fraudulent text messages expected to be sent to phones in Belgium over the coming days.
The practice known as ‘smishing’ – a portmanteau of SMS and phishing, uses text messages to fool recipients into clicking on a link in the message, which appears to come from a legitimate source like a bank.
In some cases, visiting the link is enough to install a tiny piece of software on your phone that allows the crooks to take control from a distance.
In other cases, you may be asked to fill in personal details – such as account number and password – on a false site indistinguishable by the naked eye. Once the details are filled in, the thieves have access to your personal account.
In the light of the techniques used, the advice from the experts is simple: do not click on links you do not recognise. And if you do, never give away private information of any kind.
Banks and other financial institutions always stress that they will never ask for this personal information in a text message (or in an email).
“We have received information from a reliable source that in the coming days, maybe even weeks, a smishing campaign will be launched against our country,” said Miguel De Bruycker, head of the CCB, the government agency responsible for the security of the internet.
Why Belgium should be targetted in particular is not clear, he said, but there has been an increase in the number of cases of smishing recently.
In the past, emails were the instrument of choice for fraudsters, but it may be that recipients are more aware. It may also be that we have our phones with us at all times, so may be less vigilant when we get a warning ostensibly from a government office while we are on the street.
In any event, the advice remains unchanged. Do not follow the instructions given. If the message is genuinely from the bank or the government, they will send you a letter.