SecurityScorecard’s own Ondrej Krehel talks with News 12 in New York about how to protect yourself from what might be the most surreal spam number of all—your own.
Most of us are used to getting spam texts: You’ve paid your bill, click this link for a free gift! You’ve won the sweepstakes, click here to redeem! It’s no surprise that nothing good comes from clicking those links. Usually, they’re either an attempt to steal your credentials, trick you into sending money, or install malware on your device.
Though hackers tend to rotate through numbers, you can at least block each number as it pops up on your phone. Unless, of course—like something from the classic horror film, When a Stranger Calls—the number is your own.
Hackers have been able to spoof numbers for years now, but spoofing a user’s own number feels like a surprising turn that may make some users, particularly if they’re distracted or in a rush, click instinctively.
Ondrej Krehel, Vice President of Digital Forensics and Incident Response at SecurityScorecard, recently sat down with News 12 in New York City to give expert advice on the best way to avoid an unsafe outcome. Ondrej warns us all to stay alert.
Rather than clicking links in texts that are sent to you, go “out of band.” That is, take a look at who the text claims to be from, then—if you’re interested in pursuing the supposed offer—circle back to that reputed sender through a communication channel you know to be safe. For example, calling the phone number published on the company’s official website or using the site’s chat function. A customer service representative can tell you whether or not the offer is legit.
As wireless providers work to weed out SMS scams, adding in this extra step as your standard protocol will make it extremely unlikely that you will click a bad link in a text from someone claiming to be you.
About SecurityScorecard
Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base.
SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.