A Few Things to Know About Smishing


Have you heard of “smishing” yet? If not, then allow me to introduce you to a rapidly growing techno-threat that is easy to fall for. I will also provide you an example of smashing and a few ways to protect yourself from it.

Smishing is a form of phishing, where someone tries to trick you into giving them private information. However, instead of getting the information via email, the attempt is made via text messages or SMS. The specific threat here is that many people have been conditioned to trust their text messages, even from a stranger. This may be partially due to our changing services or phones and forgetting the numbers of those we have had previous contact with.

The thing to note here is that if smishing were not successful, the would-be fraudsters would not be using the tactic. Unfortunately, the tactic is quite effective. In fact, according to Ember Technology, smishing is one of the fastest-growing cyber threats today, with as many as 84% of organizations experiencing an attack in the previous year.

Here is an example of a recent attempt made against me.

As you can see, sometimes these attacks will come looking like a service you may subscribe to. However, most are not this sloppy. Sometimes, they will look like an official government or IRS statement, an alert from a bank, an account suspension, or a prize. Just remember that important information from legitimate institutions will usually not be provided via text unless you have specifically asked for them to provide it that way.

There are a lot of threats to considering with smishing. Indeed, you should think about your personal phone. However, we must also think about the phones we give to our children. Furthermore, there is a considerable risk when thinking about the phones attached to our organizations. Simply educating ourselves on the potential threat and knowing what to look for can make all the difference. I would suggest knowing and sharing the following.

Ideas on How to Protect Yourself

There are several things you can do to protect yourself from a smishing attack.

  1. If at all possible, simply do not respond to text messages from numbers that are unfamiliar.
  2. If you feel compelled to reply to the message, only respond to the messages that you anticipated or when the sender has clearly identified themselves and their purpose.
  3. Do not respond to “Short Code” numbers that have initiated the conversation. These are numbers that do not look like phone numbers (E.g. 555-43).
  4. NEVER click on links provided by unknown numbers.
  5. NEVER install apps provided in a text message.
  6. If you get a surprise link from a friend, confirm that they meant to send the link before clicking on it.
  7. Consider getting a VPN for your phone.
  8. Above all else, if you have a doubt – LISTEN TO IT!

Want to learn more about cybercrime? Check out my article titled “Phishing Attacks on the Rise.