Smishing

Smishing, or short message service (SMS) phishing, is the term those in cybersecurity use for text message scams. Similar to phishing with email, phishing with messages comes in many forms. Smishing could come in the form of a good old fashion text message or be received through chat services: such as WhatsApp, Signal, or iMessage. Regardless of what icon pops up on your phone, tablet, or computer, smishing can be damaging.

Smishing tactics vary and so we’ve compiled a list of the most common:

  • Shipping delay, delivery issue, or package status update.
  • Pending or suspicious charge on bank card
  • Urgent action request from a family member, colleague, or boss.
  • Unsolicited sexting

While this list is ever growing and changing, these are the most common reported fraudulent messages. So, how can you avoid falling for the scam, clicking on a malicious link, providing your credentials to a bad actor, opening a malicious payload, or performing some action for the wrong person? Well, it starts with common sense, but being cyber aware will help too.

  • If you arent expecting the message, pause and scrutinize it
  • Is the phone number in your contacts?
  • Does the message claim to be from someone you know or do business with?
  • Have you received a message like this before from the same person or business from the same number?
  • Does the link include the real business name and business domain (website)?

Using the questions above may help you figure out right away if this is a real message or smishing. However, always remember this:

  • Criminals like to use urgency, so you’ll bypass normal steps or accept some odd behavior the imposter is using.
  • Never click on links from untrusted senders, go directly to the website using a previously known good link.
  • Don’t respond to random people.
  • Verify the identity through the phone number (by searching online, asking someone else who knows the person, or contacting the company with a formerly known good phone number).
  • Use your best judgement, if it sounds too good to be true, it probably is a scam.

1 thought on “Smishing

  1. Pingback: Business target - One Page Awareness

Comments are closed.