Scanning for S.C.A.M.? I had to last night!
I've posted a few times about the Phriendly Phishing content, and how the basic message of our phishing training is 'Scan for S.C.A.M.'
Well, last night I put it into action with an incredible smishing message that came in to my mobile.
To many people who may have received this message, it was a tempting click.
Bendigo Bank: Your account has been suspended. Please complete the security check on https://bendigobank.help/cpk Thanks, Bendigo Bank Support.
Now - my initial reaction was SCAM!! I have never banked with Bendigo, had the same number for 15+ years, and I am suspicious of everything that comes my way.
However, it got me thinking. Not many people are like me, working in cyber and hesitant by default; someone a little less tech savvy may think that someone is trying to impersonate them, open a new account under a stolen identity, etc.
This is why I love our S.C.A.M. training - and wanted to break it down in this real life scenario. S.C.A.M. is an acronym. Sender. Content. Action. Manage. Putting it into action last night was easy - and as this is such an easy example - once I write this up, I am actually going to share to friends and family.
Sender - Who is really sending this?
The message came from a random mobile number. A bank will never ask you to do a security check via a URL that they send. They will ALWAYS tell you to log into your account via their usual website (again, no link provided) and prompt from there, or to go into a branch. If you can't verify, don't action. If you are wondering whether it is legitimate, Google the main contact number for that organisation and call them directly.
Content - What is in the contents?
This one was where it nearly got me. It looks potentially legit! However, there are a few red flags, and the URL is one of them. Lesson 2 of S.C.A.M. 101 is Structure of a Web Address. When chatting about our content, I love bringing this part up. Many people, myself included, have NEVER been taught this formally until they do S.C.A.M. 101. This training ensured that I was able to identify the link as being Seriously Dodgy! We teach people what the protocol, subdomain, domain and path are, and what can be customised and what can't. This URL's domain ends in .help, NOT bendigobank.com.au.
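To make the "structure of a web address" lesson concrete, here is a small Python script that splits a URL into the protocol, subdomain, domain and path and then checks whether the domain is one the brand actually owns. This is an added example written for this post, not Phriendly Phishing's material or Bendigo Bank's; the public-suffix table, the allowlist of known brand domains and the function names (`split_host`, `analyse`) are my own assumptions, and the third URL is a constructed lookalike used only to show the subdomain trick.

```python
"""Break a URL into protocol, subdomain, domain and path, then check the
domain against the brand's known domains.  Added example, not the training
provider's or the bank's code; the tables below are hand-built assumptions."""
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List.  Production code
# should load the full list (for example via the `publicsuffix2` package).
PUBLIC_SUFFIXES = {
    "com", "net", "org", "help",
    "au", "com.au", "net.au", "org.au", "gov.au",
}

# Assumption: the domains this brand really uses.  Populate this from the
# organisation's own website, never from a message you received.
KNOWN_BRAND_DOMAINS = {"bendigobank": {"bendigobank.com.au"}}


def split_host(host):
    """Return (subdomain, registrable_domain) for a hostname.

    The registrable domain is the longest public suffix plus one label: the
    part someone had to register.  Everything to its left is the subdomain,
    which the registrant can set to anything, including another brand's name."""
    labels = host.lower().rstrip(".").split(".")
    # Walk from the longest candidate suffix to the shortest so "com.au"
    # is matched before "au".
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in PUBLIC_SUFFIXES:
            if i == 0:  # bare suffix such as "com.au": nothing registrable
                return "", ""
            return ".".join(labels[: i - 1]), ".".join(labels[i - 1:])
    # Unknown suffix: fall back to "last two labels are the domain".
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def analyse(url, brand):
    """Return the URL's components plus the red flags a reader should see."""
    # Messages often omit the scheme; urlsplit needs "//" to see a host.
    parts = urlsplit(url if "://" in url else "//" + url)
    host = parts.hostname or ""
    subdomain, domain = split_host(host)
    legitimate = domain in KNOWN_BRAND_DOMAINS.get(brand, set())

    flags = []
    if not legitimate:
        flags.append(f"domain {domain!r} is not a known {brand} domain")
    if brand in subdomain and not legitimate:
        flags.append("brand name appears only in the subdomain, "
                     "which anyone who owns the domain can set")
    if brand in parts.path and not legitimate:
        flags.append("brand name appears only in the path, "
                     "which is free text chosen by the site owner")

    return {
        "protocol": parts.scheme,       # "" when the message gave no scheme
        "subdomain": subdomain,
        "domain": domain,
        "path": parts.path,
        "legitimate_domain": legitimate,
        "flags": flags,
    }


if __name__ == "__main__":
    samples = [
        "https://bendigobank.help/cpk",                    # from the SMS above
        "https://www.bendigobank.com.au/login",           # real domain, assumed
        "https://bendigobank.com.au.example.net/login",   # constructed lookalike
    ]
    for sample in samples:
        result = analyse(sample, "bendigobank")
        print(sample)
        for key, value in result.items():
            print(f"  {key:>18}: {value}")
```

Running it on the URL from the message reports protocol `https`, no subdomain, domain `bendigobank.help` and path `/cpk`, with the flag that the domain is not a known Bendigo Bank domain. The constructed third URL shows the other common trick: the real bank domain appears, but only as a subdomain of `example.net`, which is the part that was actually registered.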
The second was the repetition of Bendigo Bank's name. It may not seem like much, but it is a way that scammers try to force that sense of authority.
Action - What did it want me to do?
Again BIG RED FLAG!! The link was supposed to be where I could do a security check! NO THANKS! A bank, or legitimate business will never send an unsolicited email/sms/phone call to verify your identity, ask you to do a security check or upload documents. The most they will do is call you if suspected fraud is happening on your account and ask if you are overseas/travelling and if not, tell you they are cancelling your cards. Again - if you think you do need to do something out of the blue - call directly.
Manage - So - what do we do?
Firstly, I googled Bendigo Bank's processes - and they ask for scam/impersonation messages to be forwarded to a number - most large companies will have a policy for reporting messages that are impersonating their brand. Go to their website and report - why? The more they know about, the more they can alert the public, plus, hopefully thwart any future attempts of impersonation.
Secondly - Delete! Get rid of it! I have 2 young kids who love to try and play with my phone - plus I have pocket dialled more people than I could care to admit. It doesn't take much to click a link, and we don't need the risk.
I hope this has helped. Please reach out if you have any questions or interest in learning more.
Great post full of great advice!