Cyber Guru 2.0 Help Center
Contact us
In this article
What is smishing?In which countries is it allowed?How many SMS can be sent?How to activate a smishing campaign
Home
Configuration and Company Management
Company Admin Manual
Company Settings
Release Management (Phishing)

Smishing Campaigns

Edited

What is smishing?

Smishing is a form of cyber attack that uses SMS (Short Message Service) to scam victims and steal their personal, sensitive, or financial information. The term smishing is a combination of SMS and phishing (an online fraud technique where criminals try to deceive people into providing confidential data, such as passwords or credit card numbers).

In which countries is it allowed?

In several countries, telecommunications regulatory authorities impose limitations or special procedural controls in the case of mass SMS sending, aimed at reducing the risk of smishing. However, these procedures effectively make it impossible to use the "Smishing Functionality" of Cyber Guru Phishing. As of now, Cyber Guru's smishing is available in Italy, Spain, France, Germany, and the United Kingdom.

How many SMS can be sent?

Within the CGP plan, a maximum number of SMS that can be sent over the course of a year is offered at no additional cost, equal to 4 times the total number of CGP users.

For example, for every 1000 licenses, a maximum of 4000 SMS can be sent per year (which can be directed to all CGP users or only to a subset of them).

NOTE. Before proceeding with activation, it is important to review the dedicated article on whitelisting for messages (SMS).

How to activate a smishing campaign

To enable a smishing campaign, the following steps must be followed:

  1. Access the "Company Management" section in the system.

  2. Go to Setup > Phishing to enable the SMS templates.

In this way, the system will also include SMS templates in the proposed campaigns.

It is essential for users to correctly receive the SMS that the "Phone" field is properly populated with the CORPORATE phone number of each user. The number must be entered including the full international prefix, followed by the user's phone number.

For example, for Italy, the number should be entered in the format 0039 followed by the phone number.

WARNING: if performing a mass import, it is important to ensure that the user's phone number in the CSV file is not saved in the "Number" format. In that case, leading zeros would be removed.

The SMS templates are recognizable and can be viewed in the "Training Material" > Templates" section, selecting the type "SMS Templates Only".

The SMS templates behave similarly to email templates, with the ability to test their functionality, modify their content, and customize the landing page associated with the template. This allows for optimizing the user experience and ensuring that the messages are consistent with the campaign.

The user will receive the SMS and by clicking on the link within the message will land on the landing page, and the click will be recorded.

WARNING: In the case of smishing, the only event that can be recorded within the Cyber Guru platform is the click event.

Disclaimer