A Few Things to Know About Smishing


Have you heard of “smishing” yet? If not, allow me to introduce you to a rapidly growing techno threat that is easy to fall for. I will also provide an example of smishing and a few ways to protect yourself.

Smishing is a form of phishing where someone tries to trick you into giving them private information. However, the attempt is made via text messages or SMS instead of getting the information via email. The specific threat here is that many people have been conditioned to trust their text messages, even from strangers. This may be partially due to our changing services or phones and forgetting the numbers of those we have had previous contact with.

The thing to note here is that if smishing were unsuccessful, the would-be fraudsters would not be using the tactic. Unfortunately, the tactic is quite effective. In fact, according to Ember Technology, smishing is one of the fastest-growing cyber threats today, with as many as 84% of organizations experiencing an attack in the previous year.

Here is an example of a recent attempt made against me.

As you can see, sometimes these attacks will look like a service you may subscribe to. However, most are not this sloppy. Sometimes, they will look like an official government or IRS statement, an alert from a bank, an account suspension, or a prize. Remember that important information from legitimate institutions will usually not be provided via text unless you have specifically asked them to provide it that way.

There are a lot of threats to consider with smishing. Indeed, you should think about your personal phone. However, we must also consider the phones we give our children. Furthermore, there is a considerable risk when considering the phones attached to our organizations. Simply educating ourselves on the potential threat and knowing what to look for can make all the difference. I would suggest knowing and sharing the following.

Ideas on How to Protect Yourself

You can do several things to protect yourself from a smishing attack.

  1. If at all possible, do not respond to text messages from numbers that are unfamiliar.
  2. If you feel compelled to reply to the message, only respond to the messages you anticipated or when the sender has identified themselves and their purpose.
  3. Do not respond to “Short Code” numbers that have initiated the conversation. These numbers do not look like phone numbers (E.g., 555-43).
  4. NEVER click on links provided by unknown numbers.
  5. NEVER install apps provided in a text message.
  6. If you get a surprise link from a friend, confirm that they meant to send the link before clicking on it.
  7. Consider getting a VPN for your phone.
  8. Above all else, if you have a doubt – LISTEN TO IT!

Want to learn more about cybercrime? Check out my article titled “Phishing Attacks on the Rise.