Cyber-security software developer Wombat Security Technologies announced the launch of SmishGuru, a simulated attack service to target the growing problem of text-message phishing, also known as "smishing."
An expansion of the company’s family of social engineering assessment products, SmishGuru can also help companies mitigate bring-your-own-device (BYOD) risks by teaching employees to defend against popular mobile device attacks and training how to recognize and avoid the more subtle smishing attacks.
Similar to Wombat's PhishGuru and USBGuru solutions, security officers can select and customize the type of attack they want to send and select and customize the training the employee will receive if they fall for the simulated attack. The interactive training modules teach employees about social engineering, smishing attacks, malicious URLs and overall smartphone security.
The platform provides security officers with data from each attack campaign, and employees can be grouped and assigned additional training in the required areas. Wombat also provides complementary software-training modules that can be used in conjunction with SmishGuru, providing a holistic approach to BYOD threats.
"As more companies embrace BYOD policies to empower employee productivity, cyber-criminals will seek new ways to trick people into providing sensitive information making text message phishing, or 'smishing,' one of several attack vectors on smartphones," principal analyst for enterprise security at Current Analysis Paula Musich said in a statement. "Text messages, like email messages, can be used to spread malware, phishing scams and other threats among mobile-device users."
A recent study from Nielsen indicated 67 percent of new mobile phone purchases are smartphones, and yet while they are embracing mobile conveniences such as texting and geo location applications, surveys also suggest users are careless about security.
A July 2012 study, this time from EMC’s security division, RSA, revealed people are more likely to fall for phishing attacks on mobile devices than on PCs. As a result, cyber-attacks on mobile phones rose by a factor of six last year, according to Intel. Finally, Lookout Security’s State of Mobile Security 2012 reported predicted that four out of 10 mobile users will click an unsafe link on their smartphones.
"We've already seen the rise of successful smishing attacks and all predictions point to increases in the future," Wombat president and CEO Joe Ferrara said in a statement. "SmishGuru is part of a holistic approach to security awareness and training that leverages our combination of simulated attacks and highly interactive employee training to help companies protect against the latest breeds of malware and spyware used to infect corporate networks and steal valuable data."