Our members are experiencing a high rate of fraud attempts initiated through text messaging scams that cause the member to click a link that takes them to a lookalike domain where they enter their credentials. Outside of training for our members, does anyone have any good suggestions to help mitigate this type of fraud activity?
We do exactly that. The problem is, this is our customer base, not our employees. While we do provide training, there's not much we can do but provide guidance.
1) You should investigate how the bad guys have obtained so many of your phone numbers.
2) Assuming it's a managed device (with MDM), deploy Cloud SWG/SSE to block fraudulent links.
3) Work proactively with a threat intelligence company to take down malicious domains, something like https://bfore.ai/.
1. It appears that our entire area code is likely being spammed. It could also be that one of the local utility providers had a leak. We have a fairly mature incident response and vendor management program and can't seem to find any correlation between any events we're aware of and the data itself. The trick in small, rural areas is that since all services are "the only game in town", everybody uses them. There's not a good way to correlate. Also, many non-customers are also affected. There just aren't that many people in our area, so if you just start texting numbers in our area code, the chances of hitting on one of our members are about 1 in 10.
2. Not a managed device. As these are customer devices, all we can do is recommend garden-variety mitigations through their device OS, recommend filters, etc.
3. We do work with RSA for this. Domain takedowns take too long. I will look into bfore.ai. Maybe response time would be better. Thank you for that recommendation!
A longer-term solution is to get them to use your app and say you will never text them, you'll only use notifications.
Purchasing all lookalike domains is unlikely to really work.