Thanks to advancing knowledge in cybersecurity, most workplaces do a great job of protecting employees from phishing attacks. However, as much as we advance, so do cybercriminals. As we up our game, so do they. And in order to get around our more robust gateways, they build more creative and targeted attacks, such as scam text messages campaigns – smishing.

In this case, the exponential increase in online shopping during the lockdown might have made PayPal an even more appealing brand to impersonate. A text saying the account has been limited creates an understandable sense of urgency, and while users have learnt to be wary of fraudulent emails, their attention might be lower with text messages, especially given that many brands now communicate with their users via text.

When it comes to protecting your organisation and safeguarding against cybercriminals’ tactics, you need to think like them. Cybersecurity awareness training can help prevent these attacks from being successful. To diffuse the risk from this type of campaigns, teach your employees to always visit websites from a browser, rather than by clicking on the link provided in an email… or a text message!