Our members are experiencing a high rate of fraud attempts initiated through text messaging scams that cause the member to click a link that takes them to a lookalike domain where they enter their credentials. Outside of training for our members, does anyone have any good suggestions to help mitigate this type of fraud activity?



Director, Strategic Security Initiatives in Software, 10,001+ employees
Quarterly/Monthly TEST emails from the Security team to the company. Folks clicking on it receive extra mandatory training. Will help reduce folks clicking on such emails, as they have been seeing them monthly from the company and are aware how to identify them.
VP of IT, Self-employed

We do exactly that.  The problem is, this is our customer base not our employees.  While we do provide training, there's not much we can do but provide guidance.

Co-Founder in Services (non-Government), 2 - 10 employees
There are a couple of things that come to mind:

1) You should investigate how the bad guys have obtained so many of your phone numbers.
2) Assuming it's a managed device (with MDM), deploy Cloud SWG/SSE to block fraudulent links.
3) Work proactively with a threat intelligence company to take down malicious domains, something like https://bfore.ai/.
VP of IT, Self-employed

1. It appears that our entire area code is likely being spammed. It could also be that one of the local utility providers had a leak. We have a fairly mature incident response and vendor management program and can't seem to find any correlation between any events we're aware of and the data itself. The trick in small, rural areas is that since all services are "the only game in town", everybody uses them. There's not a good way to correlate. Also, many non-customers are also affected. There just aren't that many people in our area, so if you just start texting numbers in our area code, the chances of hitting on one of our members is about 1 in 10.
2. Not a managed device. As these are customer devices, all we can do is recommend garden-variety mitigations through their device OS, recommend filters, etc.
3. We do work with RSA for this. Domain takedowns take too long. I will look into bfore.ai; maybe the response time would be better. Thank you for that recommendation!

VP of IT, Self-employed
I should clarify that these attacks are not against our org directly.  They are against our members (customers for those not in the CU space.)
Director of IT in Education, 5,001 - 10,000 employees
Mandatory and regular security awareness training that covers text and email links. Also, the security folks should regularly run internal exercises using texts, emails and telephone calls.
Director of IT in Manufacturing, 5,001 - 10,000 employees
I suggest you use the ISO 27001 framework to protect data and information in your company, and use anti-phishing software.
IT Director in Travel and Hospitality, 10,001+ employees
I would contact all your members via email or mail to tell them how you'll contact them, what you will ask, and what you will never ask, in order to help them identify spam. Admit that fraudsters are doing this to your customers and others, and give them the tools to protect themselves, such as not clicking on the link, logging into their own account or phoning your contact centre.

A longer-term solution is to get them to use your app and say you will never text them; you'll only use notifications.

Purchasing all lookalike domains is unlikely to really work.
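
Several replies above point at the same defensive task: spotting lookalike domains early enough to request a takedown or warn members. As an added example, not written by any participant in this thread, the Python below scans a feed of candidate domains and flags those that imitate a brand domain by folding accents and digit-for-letter swaps, measuring edit distance, and catching the brand name embedded in a subdomain. The brand domain `examplecu.com` and the `FEED` list are constructed placeholders; in practice the feed would come from a newly-registered-domain or certificate-transparency monitoring service.

```python
import unicodedata

LEGIT_DOMAIN = "examplecu.com"  # placeholder, not a real credit union domain
# Digit-for-letter swaps commonly seen in typosquats.
DIGIT_SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "8": "b"})

def normalize_label(label: str) -> str:
    """Fold accents, digit swaps, 'rn'->'m', 'vv'->'w' and hyphens into a comparison key."""
    folded = unicodedata.normalize("NFKD", label.lower())
    text = "".join(c for c in folded if not unicodedata.combining(c))
    return text.translate(DIGIT_SWAPS).replace("-", "").replace("rn", "m").replace("vv", "w")

def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate: str, legit: str = LEGIT_DOMAIN, max_distance: int = 2):
    """Return a reason if candidate imitates the brand domain, else None."""
    labels = candidate.lower().rstrip(".").split(".")
    if ".".join(labels) == legit.lower():
        return None  # the genuine domain itself
    target = normalize_label(legit.split(".")[-2])  # brand label before the TLD
    reg = normalize_label(labels[-2] if len(labels) >= 2 else labels[0])
    if reg == target:
        return "brand label spelled with look-alike characters or under another TLD"
    dist = levenshtein(reg, target)
    if dist <= max_distance:
        return f"edit distance {dist} from brand label"
    if target in reg or any(target in normalize_label(l) for l in labels[:-2]):
        return "brand name embedded in a longer label or subdomain"
    return None

def scan_feed(domains, legit: str = LEGIT_DOMAIN):
    """Return [(domain, reason)] for every domain that looks like an imitation."""
    return [(d, r) for d in domains if (r := classify(d, legit))]

# Constructed sample feed, not real observations.
FEED = ["examplecu.com", "examp1ecu.com", "examplecu.co", "exampelcu.com",
        "login.examplecu.com.verify-account.net", "examplecu-secure.com", "google.com"]

if __name__ == "__main__":
    for domain, reason in scan_feed(FEED):
        print(f"{domain:45} {reason}")
```

The checks are deliberately conservative (ASCII folding only, no Cyrillic or other script confusables), so treat a hit as a lead for analyst review and takedown requests rather than an automatic block.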
