Wombat Helps Enterprises so Employees aren't Caught in a 'Smishing' Expedition

By Peter Bernstein February 19, 2013

I like to believe that it is very good for our health if we learn something new every day. Well, today I learned a new word thanks to Wombat Security Technologies, and that word is “SMISHING.” With the caveat that learning about bad things is not actually a bad thing, what you need to know about smishing is that it the text messaging version of “phishing”—the nasty piece of business where someone tries to lure you via e-mail to divulge your personal information so they can use it for various malicious purposes.

Texters beware!

Wombat has introduced SmishGuru, which is being promoted as, “the industry's first and only simulated attack service to target the growing problem of text message phishing, coined as ‘smishing.’” This is not an insignificant problem; as might be expected, the proliferation of bring your own device (BYOD) has increased vulnerability and extended into the mobile workforce.

Wombat has designed SmishGuru as a simulation tool for security officers to train employees on how to recognize and avoid the most subtle yet potentially harmful smishing attacks. And Wombat is no stranger to this space. In fact, SmishGuru is an expansion of Wombat's family of Social Engineering Assessment products, which includes the award winning PhishGuru, an e-mail phishing simulation service.

The goal here is simple: it is the mitigation of BYOD risks through education. As Paula Musich, principal analyst for enterprise security at Current Analysis says, "As more companies embrace BYOD policies to empower employee productivity, cybercriminals will seek new ways to trick people into providing sensitive information making text message phishing or "smishing" one of several attack vectors on smart phones…Text messages, like e-mail messages, can be used to spread malware, phishing scams and other threats among mobile device users."

A look under the hood

So how does SmishGuru work? It is intuitive and powerful. Enterprise security officers can select and customize the type of attacks they want to send and select and customize the training an employee will receive if they fall for the simulated attack. Data from SmishGuru provides security officers with detailed data from each attack campaign. Employees can easily be grouped and assigned additional training in the areas they need it most.

Wombat cites as benefits the fact that by assessing and training employees, the SmishGuru attack simulation service enables security officers to:

  • Mitigate the risk their organization faces due to the use of smartphones
  • Protect corporate networks from malware, spyware and other malicious software
  • Understand which employees are most susceptible and target them with additional training
  • Provide a unique, teachable moment that instructs employees at the point of failure
  • Increase acceptance of security awareness training

 The fact of the matter is – and most people don’t like to admit it – it is likely that at some time, we have all fallen victim to a phishing expedition. I will admit that I fell for a security alert from what appeared to be a financial capability I use, and just a few seconds after I hit send, knew I had been had. Plus, what took seconds to create took months to undo completely.

Through its ability to simulate attacks, Wombat has developed a track record that demonstrates how important an educated consumer is to risk management in the enterprise. In fact, not only do simulations work in reducing employee susceptibility to the allure offered by the bad guys, but simulation has also been shown to increase employee interest in taking more in-depth training.




Edited by Allison Boccamazzo
SHARE THIS ARTICLE
Related Articles

What is IBM Watson Adding to the Practice of IT?

By: Doug Mohney    3/23/2017

I have seen the future of IT, but have yet to fully understand it. IBM's Watson cognitive computing push is going to drastically reshape how IT is run…

Read More

API Management Poised for Big Growth

By: Paula Bernier    3/22/2017

The API management market is forecast to be worth $2.665 billion by 2021, according to MarketsandMarkets. That's up from more than $606 million last y…

Read More

IBM Watson Aims to Improve Call Center, IVR CX

By: Paula Bernier    3/22/2017

At its IBM Interconnect event today, the tech giant is introducing the IBM Watson Voice Gateway. It can act as a cognitive self-service agent, directl…

Read More

The 3D Printer That Could Print Your Next House or Finish Trump's Wall in Two Months

By: Rob Enderle    3/21/2017

Not only could this 3D printer be used to rapidly rebuild a town devastated by a natural or manmade disaster, the resulting home could be better able …

Read More

How Twitter, Indiegogo and IBM Will Augment Executives and Politicians

By: Rob Enderle    3/20/2017

I think Twitter could become the showcase for what Ginni Rometty, IBM's CEO, was talking about when she said that IBM wasn't focused on replacing huma…

Read More