First it was email. Now the BEC (Business Email Compromise) crooks have slid into our texts. What is next, WhatsApp? Oops, that is another happy hunting ground for these dirt bags.
I got the text below this morning—tax refund coming my way? Yeah, right. One click and you’re on a malicious site designed to steal credentials or install malware.
The danger? Text feels personal. We’re trained to answer fast. That “ping” hits, and before you know it, you’re handing your login creds to a guy in a basement wearing pajama pants.
Pro tips:
-Check origination. This one came from country code 63 . . . Philippines. Spidey senses are tingling.
-Don’t click weird links—even if the sender looks familiar. But it is not the same: https://ftb.ca-kv.cc/ looks a little like https://www.ftb.ca.gov/, yet is worlds apart.
-Verify directly—call or email the company/person using known contact info.
-Educate your teams—BEC isn’t just an email problem anymore.
Bottom line: If it smells fishy, it’s probably phishy. And now it’s smishy.