Email scams are not the only form of phishing, are you familiar with the terms “Vishing” and “SmiShing”?
VoIP(Voice) + Phishing = Vishing
When a phishing attack is done by targeting a mobile number, it’s referred to as Vishing or Voice Phishing. In Vishing attacks, the cybercriminal will call on mobile, and ask for personal information, posing themselves as a trustworthy identity.
For example, they may pretend to be a bank employee and may try to extract bank account numbers or ATM numbers or passwords.
SMS + Phishing = SmiShing
Just like Vishing, SmiShing attacks are also related to mobile devices. For SmiShing attacks, the attacker sends a SMS message to the target person, to open a link or an SMS alert.
Once you open the fake message or alert, the virus or malware is instantly downloaded into your phone. If this occurs, the attacker can access all the important information stored on your phone.
The best way to avoid Vishing attacks is to not answer calls from numbers unfamiliar to you. If you're unsure if it's your bank, doctor, dentist, etc. the best practice is to check their phone number on their website and call them back.
These calls can be malicious spoofing calls that are phishing for your information, but more commonly, we see spoofing calls that are automated recordings who are keeping data on whether or not you're picking up the phone. If you pick up, they keep note of that and may send more spam calls your way in the future.
For SmiShing messages, It's best to not click any links or attachments sent to you. A lot of the time these messages seem off or suspicious, but sometimes they are more sophisticated and may seem legit.
For example, a text might let you know that your package is on its way and has a link to check the tracking. It's safer to go directly to the websites from your browser and filling out your information on legitimate sites instead of clicking on links.