Did you get a notice that Chrome just updated its ad policies when you opened it last month?
Take a closer look at the privacy settings! Chrome’s most recent update is seeking to use different advertising permissions to show you more relevant ads. Instead of third-party cookies, Chrome will now be using ‘Topics’ to give websites the info they need to show relevant ads. This is a slight upgrade, but not nearly the same level of privacy offered by Mozilla Firefox, or Edge on work computers. As such, you may want to change the settings!
The easiest way to do that is to click the button to change your preferences at the bottom of the popup the first time you get it – this leads right to the settings themselves, and you don’t have to navigate through any menus. If you didn’t read it when it popped up and just hit ‘okay’, don’t worry, turning it off is still pretty easy!
Go to the settings tab, from the dropdown menu in the upper right corner of the browser menu (where you would normally go to look at your browsing history or bookmarks in the default browser). From there, go to Privacy and Security, then Ads Privacy, and look for Ad Topics, Site Suggested Ads, and Ad Measurement, the three new items launched with that announcement popup. You may or may not want to disable them, but either way you should look them over and see what they’re doing with your browsing data.
Firefox and Edge
We recommend Microsoft Edge for work computers. It’s fast and secure, and constantly updating to ward off threats and vulnerabilities. For work purposes, it really doesn’t get much better than that!
What about off-work, when those ads are more likely to get you? Firefox has many great add-ons, including ones that block cookies altogether and make you much harder for advertisers to profile. Nothing short of TOR can truly prevent you from being identified while browsing, but sometimes, you just don’t want to be followed around by ads for dog food because Google figured out when you tend to run out.
The single biggest problem with AI right now is people abusing the shortcuts it presents. Much like real life shortcuts, the AI shortcuts involve wading through tall grass, walking on private property, and trying not to pick up ticks on the way. We’re seeing a wave of AI-generated literature hitting the market, and it’s becoming concerning.
The first wave was children’s books. Children’s books? Whatever. Children’s books are popular entry points for people looking to get into the self-publishing business, which comes with pros and cons; you may find a real gem of a book for a child going through something specific (many large publishing houses are reluctant to publish books like that because they may not sell well), but you may also find a lot of books written by people who think kids don’t care about quality: they whip up something quick and generic, buy some illustrations from an artist online, format for print-on-demand from services like Ingram Spark (or sometimes Amazon) and collect a teeny bit of money from passive sales.
For the people actively trying to make quality books for the art of the process, this is just more noise in the background they’ll have to compete against, but for the people looking to make a quick buck off of a book, generative content has streamlined the process. AI removes some steps at the expense of quality (and copyrightability).
The messaging an AI comes up with may be unsuitable for certain lessons, but many kid’s books are – you’re expected to use them as a teaching guide, read in conjunction with other books, and not the single wellspring from which you teach a child morals. “The Giving Tree” and “Little Red Hen Bakes A Cake” teach opposite messages about sharing, and both of those were written by humans. You’re also generally meant to know what you’re getting into when you read it, as in you should read it yourself before you read it to a child. That alone filters most of the issues you could run into with an AI-made book (bad message, bad or disturbing art, etc.). Yes, AI kid’s books are now all over the place, but kid’s books were all over the place before that, too.
When we get into serious guides, however, there’s an issue: any parent, guardian, or babysitter knows that you can’t be telling kids “Actually, Hitting Is Always Okay!” but those same people wouldn’t know not to trust a fungus guidebook with bad advice in it. It moves past common sense into real expertise.
Fungus Guidebooks
Mushrooms are delicious. Foraging for food is fun. Many people want to try fancy mushrooms that either can’t be farmed or can’t be transported, but lack the necessary knowledge to tell a chicken-of-the-woods from a witch’s butter mushroom. Worse, if they think they do and grab the wrong fungus by mistake, they can put themselves into liver failure and die.
The bad news is that almost every edible mushroom has an inedible-to-poisonous lookalike: even the grocery store staple, the white button mushroom, has wild doppelgangers that are incredibly poisonous. The good news is that there are a handful that are tasty, and have lookalikes that are more like cousins instead of twins appearance-wise. Morels and puffballs, for instance, have lookalikes with obvious giveaways, so they’re generally pretty safe to forage if the forager has good instructions. Speaking of which, all foraging instructions need to be tailored to the region they will be foraging in, and consider invasives like the ”angel of death” mushroom, which – as you may guess – is a poisonous lookalike that snuck up on unsuspecting foragers expecting a native edible.
A growing awareness of just how dangerous foraging can be, combined with a desire for unusual foods straight from the Earth with limited processing, is creating a huge demand for guides.
Thus sprung up a number of AI-generated fungus foraging guides, with a nonexistent author’s name on the front. Again – kid’s books are one thing, but a foraging guide relying on generative content programs like ChatGPT is practically an unexploded landmine for anyone unlucky enough to buy it without realizing.
As cited in The Guardian (linked below), sometimes these guides will name an edible mushroom, but give advice not appropriate for the region, even though the book is supposedly up-to-date.
Sometimes they advise tasting the mushroom to identify it, which is bad for two reasons: one, poisonous mushrooms don’t often taste bad or bitter, and two, a handful of poisonous lookalikes are deadly enough to kill you even if you make it to the hospital in as little as a bite. Tasting a mushroom, deciding it tastes fine, and then dying later is exactly what people are trying to avoid when they buy mushroom guides. Taste is not one of the metrics by which expert mycologists determine species. ChatGPT thinks it is. Putting these two on the same footing without even a disclaimer is a serious problem.
The worst that can happen if an AI writes a bad kid’s book or digital recipe is a waste of a few dollars and time. AI-generated field guides to mushrooms with no human supervision over the writing are borderline criminally negligent. The reading party has no way of knowing their instructions are bad or inaccurate because ChatGPT’s main goal, once again, is not to be correct but to sound human.
ChatGPT has gotten worse at a number of things since its introduction to the public. The problem with publicly-fed generative content programs like ChatGPT is that they will always be both producing into and siphoning from the same pool of information. As more of its own text ends up in the pool, the chatbot forgets more each day what color the pool used to be (or what people used to sound like). The pool gains a noticeable purple tinge, but unfortunately for the creators, siphoning out the individual particles that are turning it purple is borderline impossible at this stage, so the best they can do is add more new information to try and dilute it back to its original quality, which isn’t a real solution either.
ChatGPT has already scraped a ton of data. A large portion of the open internet has been fed into the machine. Finding more at this point requires dealing with large companies and their copyright laws (think publishing houses asking authors to allow their books to be scanned) so fixing it by adding more human text is not the easy way out, but it is the easiest out of the options available to that company, up until they start including books written by AI into the mix, and they’re back at square one.
What To Do About It
The unfortunate side-effect of having an automated writing buddy to make whatever you want, for free, is that free access to a sellable product makes a lot of less scrupulous people stop caring about whether or not the product is any good.
This is relevant – people trying to give tips to kids who don’t want to write their own graded essays are telling those kids to fact-check what it writes, but people slinging AI-written articles don’t even care enough to read over it once and filter out inaccurate information. As a result, passable AI content that’s true is less common than passable AI content that isn’t! ChatGPT thinks there are freshwater species of octopus right now. It thinks that because there are accounts of freshwater octopus online that exist in the same state of mind as sightings of Bigfoot, and it simply extrapolated that these two tropical octopuses (which are very much saltwater ONLY) are actually freshwater, for some reason: https://www.americanoceans.org/facts/are-there-freshwater-octopus/
While this article has no listed author, this is such a bizarrely inaccurate and yet specific mistake to make that a human author seems unlikely to be the culprit. The idea that a human author on this ocean fun fact article website just randomly grabbed at two scientific names for octopuses out of the hundreds of species known, but didn’t bother to do even a shred of research into what kind they are is the sort of thing you’d see on a skit show.
Included in that image is my search bar on today, October 17th, 2023, and this is the first result that pops up in answer to my question.
Now, both of these incorrect articles may be fed back into the machine and spit out something even more wrong. All of the easy ways to flag articles like this are discouraged by the nature of the beast itself. Some people don’t like AI being used to write fluff pieces because it took that from a human, some don’t like it because they know it’s not accurate, but either way they don’t like it. So instead of owning up to it, sites like the ocean site don’t list an author at all. No author, and no disclaimer of AI usage means that the programs feeding ChatGPT can’t filter it the easy way by looking for labels. The hard way doesn’t work either: AI detectors are routinely wrong, having evolved as an afterthought and not a precaution. If the program listened to an AI detector, there would be no content to feed it on at all.
The snake is starting to eat it’s own tail, and if it’s not corrected, it will continue to get worse.
A browser cookie is a little snippet of data that the browser stores while the user is browsing. Websites use cookies for their ‘remember me’ functions, for example – if you tick the box under your log in and ask the website to remember you, it will, using a cookie.
The same goes for online shopping – when you’re logged in, the website remembers what you have in your cart by saving that information elsewhere. However, even when you’re not logged in, the page remembers what you’ve added to the cart, sometimes (depending on your browser and the website’s settings) even after you’ve left the page, closed the browser, and shut down the computer. Coming back a day later, the website will still have those items in your cart even though you’re still not logged in. That’s the convenience of a cookie!
It may not be immediately apparent, but this actually has quite a few security implications.
The Good
Websites use cookies to figure out if they should show you certain pages. If you’ve logged out in one tab, switch to another, and keep trying to shop, the website will put a hold on things before checkout (as long as checkout’s a separate page. It is on most websites).
The Bad
The downside to having cookies that keep you logged in is that if someone else gets their hands on your device, they can access everything that the browser has stored password cookies for. Example: You don’t log out of Facebook, but you close the browser. You let a friend use your computer to look something up real quick, but they notice Facebook pops up in the web bar. Suddenly they have access to your Facebook.
Or, logging in to Amazon on a friend’s device to order something, and then leaving without logging out, makes it possible for that friend to buy something on your account completely accidentally!!
Additionally, cookies can be ‘read’ by hackers and public WiFi providers like Starbucks or McDonald’s, but that security issue isn’t exclusive to cookies. Tracking cookies and other such shenanigans are usually used for advertising purposes, but that can be a security concern too, if privacy is a part of your security considerations.
These aren’t all the security risks of cookies, but they’re the most obvious, and the most likely to trip up a user.
Mixed Considerations
Cookies have more functions than simply recording logins. Some can take your device’s diagnostic data, some can recall settings you set the last time you visited a webpage, and some can track you. Tracking cookies are exactly what they sound like: cookies that track you as you travel along the web. These cookies can be used to form a long-term record of a user’s browsing history, which is obviously a concern – most people would be creeped out by someone following them through the mall, watching what stores they go into and what items they come out with. The same goes for cookies. Why does CarMods.com want to see what I’m buying for my tropical fish?
Any website that has something to gain from knowing what websites you visit, your potential interests, what kind of recipes you save, what kind of sports you watch or political sites you follow – they can use that to sell you something, and that something can be ideas.
Blocking Them
Cookies aren’t an enemy, and many just set out to make your life easier.
However, if you’re interested in keeping cookies from following you, for good or for bad, there are many options on the market. Some browser extensions like adblockers will also block cookies, and there are many third-party extensions built exclusively to keep websites from tracking the end user (you should always research the company you’re downloading from beforehand). Simply browsing in incognito mode or regularly erasing cookies along with your browsing history don’t require you to touch anything third-party if you don’t want to, as well!
Ads for VPNs give their two biggest benefits as often as they can: that you can watch shows blocked in your home country using one, and that hackers using the same public WiFi network can’t steal your data as long as you’re encrypting it with a VPN.
The first one is relatively easy to understand, but how does the second trick work?
1) Simply Saying They Are Something Else
One of the easier methods of tricking a connection is to simply create a hotspot near a public wifi source, and name it the same thing as the legitimate source. If there are two ‘Starbucks Café 9812’ Wifi channels available, the duplicate may catch out users. After that, the hotspot’s creator can intercept any data sent over the connection.
2) Using Specialty Tools
Unsecured Wifi is dangerous in multiple ways – loose, unencrypted packets of data travelling over the Wifi connection can be caught by a hacker and decoded into readable information using something called a WiFi sniffer. Information that your computer will not pick up by default can be found this way, and with it, data sent over that unsecured connection.
Using a WiFi channel with a password is generally good enough to prevent that from happening, however.
3) Hoping For Poor Security Practices
If a public spot’s router is not set up correctly, it might be possible for a bad actor to get into it as an administrator, with all of the permissions that entails. If the router is still using a default dictionary password, a dictionary attack might crack it, and give the bad actor those admin privileges that way. And, if a bad actor got onto the network legitimately, they may be able to execute a man-in-the-middle attack where they trick the target computer and the router into sending potentially sensitive data through them first.
VPNs
VPNs, or Virtual Private Networks, add an extra layer of security via encryption to information as it passes from the user’s computer, to the router, to the VPN’s server where it is unencrypted, to the website where the request was directed, back to the VPN’s server so it can be re-encrypted, and then back to the router and ultimately the device, where the information is unencrypted.
That’s good for protecting the user from many of the security issues associated with Public Wifi, but it’s not the be-all end-all of security – you must pick a VPN carefully if you intend to use one, because using a VPN means putting all of that data in their hands instead.
Proving something or someone has a monopoly in today’s era of technology is difficult – but not impossible. The Department of Justice alleges that Google is hogging advertising space and overcharging for it as a result, as well as illegally (allegedly) incentivizing popular phone brands to use Google products as their default.
On Devices
Most mobile smart devices come with a built-in browser. Even when that browser isn’t Google Chrome, the browser itself uses Google for searches until a different default search engine is set. Opening Firefox or Safari and just typing a query directly into the URL bar will almost always (unless a different default is set by the user beforehand) search that query using Google. Many android devices come pre-installed with Google products like Google Maps. Users can ultimately change their defaults, but it would be difficult with the sheer number of apps that are pre-installed. Sometimes, uninstalling an app isn’t actually an option, either, as many frustrated Android users discovered when trying to uninstall apps like Google TV or YT Music. You can download other apps that do these things, but you can never be rid of the Google version without jailbreaking the phone, which takes a bit of technical know-how and often voids warranties or violates carrier contracts. This could just be because Google is huge and its big web of services are convenient… or, as the suit alleges, it could be that Google is illegally paying phone manufacturers to never try the competition, like Bing or DuckDuckGo.
On Ads
The Department of Justice alleges that since Google has shut out rivals in the search engine game, it’s also shut out any rivals that could compete with it in advertising spaces. Since most people use Google, Google ads cost consumers more to buy them. It’s (alleged) excessive control of search prevents users from using or seeing ad serving competitors, creating a self-sustaining cycle where they are always the more valuable search engine.
Google denies this – they say that Google’s chokehold on internet searching is because Google is the superior product, not because it has shut other products out.
Stifling Competition
Google has a lot of money. It uses this money to further its own existence, a result of a shareholder system that insists the shareholders must see some new growth, or else the CEO gets kicked. It’s the natural gravitational pull of such a system in a world where money can buy or smooth over nearly anything. When a business loses control of its motives, it loses control of itself. Did Google behave unethically? Probably – it doesn’t take a trial to suggest such a system encourages unethical behavior, whether legal or not. Did Google behave illegally? That is to be determined in the DoJ’s trial.
Headphones, speakers, and keyboards generally aren’t going to have a range over 30 feet – some can’t even hit that. Generally speaking, devices don’t go over 30 feet because they don’t need to, and making them powerful enough to do so makes the battery drain faster. If your device is far away, it may not connect, or keep disconnecting and re-connecting.
2) Are you trying to connect to the right thing?
Many devices have bizarre serial number names that you can only find in your user’s manual, especially if the device is not a name brand like Microsoft or Apple. When you start trying to connect your phone to your new Bluetooth headphones or speaker, make sure you know what its real name is!
3) Are you following the pairing instructions?
Many devices have light indicators on them somewhere to signal whether or not they are connected. Blinking lights usually mean a device is looking for another Bluetooth device to pair with, but not always. Sometimes things blink just to indicate that they aren’t connected. Follow your user’s manual!
Along with that, are both devices seeking a connection? Bluetooth can be on and open, but if the device isn’t in search mode, it might not connect where it’s supposed to until one or both devices are told via their Bluetooth menu that they’re supposed to work with each other.
4) Is the battery charged?
Bluetooth takes a fair amount of power to broadcast, and the signal may get weaker before the device is fully dead. If you notice your speaker suddenly wants you to be closer to make it work, it might be time to charge it, or change the batteries.
5) Has it been on for a long time, with no breaks?
You can also try turning both devices off and back on again. Any device with RAM can have things clog it up, and turning a device off usually fixes it and gives it a fresh start.
6) How old is your other item?
Bluetooth is backwards compatible, so it’s rare to find two Bluetooth compatible devices that won’t work together. It’s rare, but not impossible! Some older and simpler devices have a hard time overcoming the barriers between each successive Bluetooth upgrade. Which device has the newer version of Bluetooth seems to matter as well – my phone will connect to an older Bluetooth car radio transmitter, but my MP3 player will not. A new car radio transmitter will connect to the MP3 player and the phone just fine.
Footnote – Security
It’s not a good idea to leave Bluetooth on when it’s not in use! When you’re done using it, turn it off. Bluetooth can be tricked into connecting to strange devices a number of ways, and be used to take data off of your device. The good news is that most devices only ever expect to connect to one other thing at a time, so as long as your phone is tied to your speaker, another device won’t be able to connect via Bluetooth.
The amalgamation of smaller websites’ features into bigger websites comes with ups and downs.
The Pros
1) Hardiness
The way that servers used to work, individual clicks counted towards fractions of pennies of hosting costs, and bigger websites that had bigger requirements got better rates because they paid more overall. If a smaller website got linked to from somewhere bigger, and the ordinary traffic quintupled, the website’s owner could be out of a lot of money. The other option was to simply let the traffic take the website offline temporarily, which was also ugly: it made DDoSing smaller websites for political or social reasons pretty easy. Big websites with big servers and lots of through-flow don’t have to worry about that. DDoSing Facebook, for example, would be almost impossible, and would cost a ton of money in equipment and electricity to even try.
2) Family of Services
Amazon’s numerous smart home devices are undeniably convenient (although it comes with many trades). You can simply ask Alexa to turn on your Smart lights, add frozen onions to your shopping list, ask it what a new air fryer would cost from Amazon dot com, and ask it to order it for you all without getting out of bed. None of that would be possible if Amazon were not a sprawling mass of other, smaller services purchased or created for the sole purpose of supporting Amazon.
3) Ease of Communication
While smaller websites alongside websites that allow for small, closed groups to communicate (like Mastodon and Discord) have an easier time controlling their user culture, bigger sites like Reddit, Twitter, MySpace, etc. can connect people with what they’re looking for much easier. Crowdsourcing an answer to questions that don’t exist anywhere else is something that forum sites excel at.
Additionally, social media is so common that some businesses extended their official helplines down into Twitter or Facebook to make it easier for customers to reach them wherever they can be found online.
The Cons
1) Tangled Services
The new Facebook (Meta) app Threads requires an Instagram account to log in. Threads demands a lot of info about you. If you made an account, saw some bad news about Threads, and wanted to leave, you wouldn’t be able to do so without deleting your Instagram account. Threads is holding that account hostage.
When big websites buy smaller websites, the services can become entangled, or watered down for profit-making reasons. If there’s no substitute, then tough luck – you’ll put up with the downsides or you’ll leave.
2) Being Presentable
Trying to bring up a site to meet censorship requirements held by giant access chokepoints like app stores or parent websites can make a purchased website stop working. For example, trying to make Tumblr fit into the Apple App Store’s standards crushed it: Tumblr’s NSFW ban caught plenty of art and random unrelated pictures in the crossfire thanks to an open-sourced, poorly trained algorithm being deployed to moderate, and a big portion of the userbase left never to return. Is the website better now? Not really, but it meets the App Store’s standards.
Similarly, if a web services vendor the size of Amazon decides they don’t like a website and won’t be supporting it any longer due to content concerns, that website may simply vanish as a result. Whether that’s fair or not, giving one big company the power to decide what is acceptable behavior starts getting ethically tricky.
3) Standards for Banning
Being banned on some sites means being banned from their entire family of services. Meta in particular holds a lot of enforcement power because of the vast array of products it has (Instagram, Facebook, VR services, etc.) and some cost money. Unknowingly violating the ToS of a site could result in being kicked from multiple other places.
This also creates the problem of restricting access to ‘official channels’ of businesses or the government. As said above, some businesses want people to be able to reach them on social media. Oftentimes tweeting at a company gets them to respond quicker. Getting banned for something unrelated restricts access to help.
4) Genuine Conspiracies
Conspiracies about everything from Flat Earth and Indigo Children to Cambridge Analytica and 9/11 Trutherism riddle social media. Cults can recruit through Facebook now! On an even larger scale, misinformation campaigns designed to undermine elections or start fearmongering also target the people on Facebook.
Big sites make a better target for the big, organized attacks using deliberate misinformation, although small sites are not immune to it – on a forum like Reddit, where everyone is a stranger and everyone is on the same standing, arguing something insane but confidently can sway people who’d never agree with someone who was standing right in front of them, saying the same thing.
5) Trends In Site Design
You may have noticed that Instagram and Tumblr both became more video-focused after the success of TikTok. Facebook launched Threads after it started to look like Elon Musk’s “X” (formerly Twitter) might stop holding the average Twitter user’s attention. Most major social media works with the same handful of advertisers, and most have similar, but not identical, designs.
When something is trending and working for another big website, the other big websites want to hop on and do the same, whether their original userbase wanted that or not.
You may want to put your device into sleep mode when you need to save your battery life, when you need to move it, or when you need to step away from your desk for a period of time. Sleep mode doesn’t turn your computer or laptop off, it just conserves power. Open programs are paused, and the screen is turned off.
Some devices will turn off if left in sleep mode for an extended period of time, so you shouldn’t leave any work on your computer unsaved while the screen is closed or off. Your computer may go into sleep mode if it is left idle.
Rebooting
Rebooting shuts down your computer, and then immediately restarts it. This will often solve issues with programs that have gotten stuck, are crashing, or are otherwise struggling – when the computer is turned off, they are forced to start fresh. This goes for any other programs open on the computer as well, so be sure to save your work before you restart!
Shutting Down, and Then Restarting
This is the same as a reboot, but you decide how long to leave it off. Sometimes, programs will prevent the computer from shutting off all the way during a reboot (or they will keep doing the last thing they were doing before a reboot, if the computer’s RAM is not completely wiped), so by waiting 30 seconds to make sure it really is turned off and all the components have powered down, you force those programs to restart too.
Do you get strange solicitations for all sorts of things in your messages? Are you getting texts from email accounts, or massive group-texts to you and everyone within a couple of digits of your number?
That’s Smishing.
Phishing
Phishing is the process of sending emails with dangerous, annoying links in them hoping that someone on the other end will click them. These emails can be broadly targeted or narrow, well written or not – it all depends on the person on the other end of the line. Broadly targeted emails with many people on the receiving end tend to be poorly written to weed out people who would flake out halfway through. Narrowly targeted emails aimed at individuals or specific companies tend to be much better, because they’re willing to invest the time needed to get them.
Phishing happens via email, but it comes in a variety of flavors, and setting rules such as ‘don’t click links’ and ‘don’t look at ads for services you didn’t sign up for’ can wipe a lot of the problems out. Phishing is still incredibly common, and many people (including the elderly, people who are reading in a different language than their native tongue, younger kids with email addresses, etc.) still fall for them… but where tech innovation goes, scams soon follow!
Improvement to the Tech
There was a time when sending mass texts in hopes of securing some personal data was time consuming and expensive. There was a time when you couldn’t just send emails to a phone number or vice versa. Nowadays, all of these things have become possible. Everyone worth scamming has a smartphone. Very few plans ask users to pay per text, instead of per gig (or meg).
VOIP and assorted messaging apps all blur the lines between email, phone calls, text messages, app-based messaging services, and more. Of course, the market has encouraged this. If users have to trade apps to stay in touch with friends on a different app, they’ll generally do so. It’s in every app’s best interest to work with eachother, and most will enable users to send and receive messages with minimal issues. There aren’t a ton, but the handful in existence is plenty. Plus, Google and Outlook will allow you to direct-message phone numbers now, as long as you have the full ten digits.
Smishing
Smishing, just like phishing, involves sending messages trying to get people to click sketchy links inside or engage further with the scammers. Sometimes it happens with one number sending directly to one number, or one number to many, and sometimes an email address is able to send you messages directly.
Shot-gun blast smishing, just like regular phishing, is targeting people who don’t know better than to click on strange links or respond to “adult links” texts with incoherent rage. Now that many delivery services use text messages, unsolicited texts about a meal or package delivered to the target’s house may cause them to click the link in the message without pausing for a second to think about all of the other messages they should have received beforehand. The phone is new territory, and they hope you’ll fall for it because it’s new and blends in a little better.
There is a more dangerous version of smishing – if they know who they’re texting, and they can text coherently, getting info or clicks out of the target becomes much easier because they can custom-fit those texts to said target. If someone uses your name, you’ll assume you know them from somewhere – and a text is already so personal, it’s hard to blame people who fall for it. Shotgun blast smishing only gets the folks who were vulnerable, but a good, targeted attack could fool many more. This obviously also applies to regular phishing, but because phone numbers all look the same, and phones can be misplaced while desktops can’t really be, bluffing your way into getting ‘emergency information’ from someone is just a smidge less difficult.
Viruses are still a potential problem for phones. The only issue is that they have to be custom-made for the phone type the end user has, or else they won’t be able to successfully infect that device. While many people use their phones for their internet browsing, a great many more use their desktop for everything, and so the scammers of the past would just use the desktop virus and hope they caught something.
Smishing introduces a new angle – phone numbers will generally lead to phones, meaning that they can use that custom-made phone virus and almost guarantee themselves a win as long as the target actually clicks the link.
Epidemic
Unfortunately, unlike phishing calls or emails, smishing is easier to spam with and doesn’t usually require a list of preexisting emails. Think about it: a phone number has a set number of digits with ten possible placements, 0-9. An email not only has the entire alphabet on top of all of the numbers, the length varies from the shortest possible username to the longest one. You can’t simply BS your way into a working email the way you can with a phone number, you’d have to buy a list and plug it into the spam machine to send messages.
Enforcement, too, is easier to evade. If a smisher’s email gets banned, they can simply make another one by the same mechanism that makes spamming emails without a list difficult, and continue to spam phone numbers. As emails and phone numbers get blocked out, online services allows them to continue messaging. If those services get complaints about the spam? Simply make a new account there, too. Easy, fast communication is vital to many people, businesses, and services today, so all of this is easy and accessible by design.