Such scams have also been reported by police departments of various states. A tweet from the Mumbai Police informed followers of a new scam in which scammers demand money from victims in exchange for assistance in upgrading to 5G. The Twitter account for the Pune City Police, Gurugram police department and Hyderabad Cyberabad (cybercrime unit) department have also issued similar caution. Security agencies have asked citizens to refrain from providing their OTPs to any telemarketers because doing so could result in their bank accounts getting wiped out.
“We have observed a spike in the spread of SMS Phishing, which uses SMS messages as the attack vector for malware distribution. Using SMS messages as an attack vector may seem rudimentary, but just like email phishing, they are extremely efficient. These attempts often imitate trusted brands or personal contacts to entice the victim to click on a link or share personal details in confidence. This method has proven particularly successful as after one device has been compromised, its entire contact list is up for grabs, creating an endless cycle of possible victims,” says Sundar Balasubramanian, Managing Director at Check Point Software, India & SAARC.
To avoid becoming a victim of such phishing scam, the company has following tips:
* Enable two-factor authentication: Sign into your accounts with both a password and one other method. It could be a question, biometric data or a one-time code sent to your device.
* Use strong passwords: Using the same keyword for everything, or simple combinations such as “123456” or “password”, is making it too easy for cybercriminals. There are now a multitude of platforms that can generate strong, difficult-to-guess passwords with upper- and lower-case letters, numbers and symbols.
* Learn how to recognize phishing: When an attacker sends a phishing email, there are usually some common identifiable traits such as misspellings or the fact that it asks for credentials to be entered. A company will never ask for a customers’ credentials on email. If in doubt, always go to the official page or platform of the company you want to access.
* Always keep software updated: It is always advisable to update your devices to the latest version of the software.