It’s crucial that we bring to your attention, once again, the persistence of a cybersecurity threat that directly impacts our organization – smishing scams. We have been informed that these deceptive practices are reoccurring, with employees receiving fraudulent text messages that misleadingly appear to originate from Republic Services’ Executive Leadership.
Smishing is a common social engineering tactic exploiting employees’ willingness to respond quickly to an executive. Hackers will target any cell phone they have a number for. This usually happens due to other websites and companies (Yahoo, Target, Home Depot, etc.) suffering a data breach that exposes customers’ personal data, such as cell phone numbers and personal email addresses.
These fraudulent texts can look like this:
To avoid these scams, follow these best practices:
- Don’t be rushed. Smishing scams attempt to create a false sense of urgency by implying that an immediate response is required or that there is a limited time to respond.
- Don’t reply, even if the message says you can “text STOP” to avoid more messages. That tells them your number is active and can then be sold to other bad actors.
- Don’t provide sensitive personal information in response to text messages – from known or unknown senders.
- Do copy the message and forward it to 7726 (SPAM). This helps your wireless provider spot and block similar messages in the future.
- Do report it on the messaging app you use. Look for the option to report junk or spam.
Republic Services maintains controls to help protect our networks and devices, but we also rely on you to help with our defense. If you believe that you have fallen for a phishing scam at work or have questions, contact InfoSec@republicservices.com.
Thank you for helping to keep our organization safe from cybercrime.
