Zawartość kursu
Introduction
0/2
What exactly is phishing
How do criminals operate?
Types of phishing
Depending on the communication channel through which the attack is conducted, we distinguish several specific forms of phishing, which demonstrates the continuous adaptation of cybercriminals to new technologies:
0/5
Phishing (Email Phishing)
Smishing (SMS Phishing) – Fraud hidden in SMS messages
Vishing (Voice Phishing) – voice phishing
Quishing (QR Code Phishing)
Spear Phishing
Why is phishing so dangerous?
0/3
Global Services
Use of emotions: positive emotions
Strategies based on negative emotions
Examples of phishing attacks
0/6
Phishing using email: „Tax refund” attack
Phishing using email: Alleged shipment attack
Smishing – scam using SMS
Quishing – an attack using QR Code
Vishing – voice attack
Spear phishing
Principles of protection against phishing
0/6
General rules to protect
Phishing via e-mail
Smishing – SMS Phishing
Vishing – voice phishing
Quishing
Spear phishing
Phishing – don’t fall for internet scammers!

Smishing is a type of social engineering attack, the name of which is a combination of two words: SMS and Phishing. This method involves sending fraudulent, deceptive SMS text messages designed to trick the recipient into divulging confidential data, infecting their device with malware, or inducing the victim to perform a harmful financial operation (e.g., making an urgent payment).

Smishing attacks are particularly effective for several reasons. Primarily, people tend to place greater trust in SMS messages compared to emails. Users often perceive text communication as more direct, personal, and originating from credible institutions (e.g., banks, courier companies, government offices). Secondly, receiving a notification on a mobile phone triggers an immediate need to react and act quickly. This sense of urgency, combined with less caution than in the case of email, makes victims more willing to click on a malicious link or provide their data without thorough verification.

Scammers using smishing exploit emotions such as fear, curiosity, or the desire to avoid trouble. The most common scenarios include:

Alleged underpayments and urgent payments: The message informs about a supposedly outstanding, small amount (e.g., for electricity, gas, phone) and threatens service cut-off or high interest charges. The content contains a link to a fake payment page designed to steal online banking login credentials or payment card details.

Courier delivery problems: The victim receives an SMS stating that their package has been held up due to an incorrect address, the need to pay a customs fee, or a small surcharge for delivery. The link leads to a fake courier company portal. This is particularly effective during periods of increased online shopping.

Identity verification and account security: The message informs about an alleged bank account blockage, the urgent need for identity verification, or the detection of a suspicious transaction. The goal is to induce the user to click on a link that will take them to a fake bank website where their login and authorization details will be stolen.

Surcharge scams: Often the SMS is aimed at requesting quick financial help, e.g., from an alleged family member or friend who „changed their number” and urgently needs a small payment.

Poprzedni
Dalej