In light of the rise in phone and text message scams (known as Smishing), the UK’s National Cyber Security Center (NCSC) has released new guidance for businesses to follow when communicating with their customers.
The guidance paves the way for businesses to create trustworthy communications that are credible and security conscious. The NCSC’s Technical Director, Dr Ian Levy, has urged all businesses to follow the guidance and do all they can to protect their customers from cyber crime and fraud.
Many businesses are reliant on text messaging and phone calls for mass communication, particularly for those that are in touch with the general public. The technology and systems used can’t guarantee to the recipient who the sender was and where the call or text originates from, hence why cyber criminals are able to disguise as legitimatise businesses and replicate their communications.
You want your business communications to come across as legitimate, so all content should meet high quality standards such as proper formatting and no spelling mistakes.
Here’s a few tips your business can keep in mind when creating content:
Speaking with a single voice
Telephone numbers, email addresses and SenderIDs should be kept simple, and the messaging should be consistent. The benefits of maintaining consistency are:
Texting needs careful consideration to present as credible.
SenderIDs – The text addresses that show instead of the phone number should build trust and they’re case sensitive
Shortcodes – These are five digit numbers which are provided by the individuals mobile network
Mobile numbers – Using this can look like a person-to-person message
As stated by the NCSC you should:
It’s fairly easy for cyber criminals to spoof a phone number -. cyber criminals in a different country can look like a local call number. You should have few official numbers, should be minimal and well publicised. You should also choose a provider that doesn’t route your UK-to-UK calls overseas. Criminals are known to originate UK calls from outside the UK, which causes overseas routed calls to be blocked even if legitimate.
Remember to do your due diligence before you begin putting services in place. Have you taken into consideration the following questions?
To help combat scams via phone calls, all businesses are advised to use the following guidelines:
For more information on smishing, phishing and how to protect your business, contact our cyber security experts today.