Social Engineering and Smishing: What You Need to Know (Kroll Blog)


In 2016, the FBI reported that U.S. cyber crime losses exceeded $1.3 billion. Many of these cyber crimes could be directly traced to social engineering or phishing campaigns.

Social engineering, or what many call “hacking humans,” is a leading cause of network breaches and unauthorized access to remote systems. It can take many forms, from someone on the phone pretending to be an IRS agent saying you owe back taxes, to emails offering you millions of dollars after you first send a couple thousand dollars to cover related fees. Phishing or spear phishing attacks raise the stakes by using details of your personal and business relationships to trick you into thinking requests are coming from legitimate callers or email senders.

While many people have been duped by these various schemes, public and corporate cyber security awareness campaigns have gone a long way toward helping educate users not to trust unsolicited phone calls and emails. So, when users are smart enough to recognize scam phone calls or to spot and delete fraudulent emails, where do scammers turn next? Why not turn to communicating with people through a device they carry with them every hour of the day? Why not target their cell phone!