Understanding Smishing: How to Protect Yourself from SMS Phishing Scams

First published on briangreenberg.net.

I’ve been inundated recently with an unusual number of fake SMS text messages. It’s hard to pinpoint the exact reason – perhaps it’s a seasonal spike, a reflection of the political election cycle, or scammers are becoming increasingly bold in their tactics.

This brings us to an important question: What is smishing? ‘Smishing’ combines ‘SMS’ (short message service) and ‘phishing,’ which refers to a specific phishing attack through text messages. These scams cleverly manipulate victims into revealing private or financial information. Scammers craft text messages that mimic legitimate sources, such as banks or government agencies, often creating a sense of urgency or fear. For instance, you might receive a message claiming a problem with your bank account and a link to ‘resolve’ the issue. Falling for these tactics can lead to severe financial loss or identity theft.

However, it’s crucial to handle such messages with skepticism. First and foremost, remember that legitimate organizations will never ask for sensitive information via text message. If you receive a request for personal details or financial information, it’s a red flag. Also, be wary of clicking any links in these messages. Such links could lead to fraudulent websites that steal your information or infect your device with malware.

Suppose you ever wonder if the authenticity of a message. In that case, avoiding directly interacting with it is the safest action. Instead, access the company’s official website by typing the URL into your web browser or contact the company through official channels. This way, you can verify the information without falling prey to smishing schemes.

Here are a couple of political texts I got this week. They both contain a link, which I never click on. I don’t even send back STOP messages as that will only confirm to the sender that it’s a good phone number, and the person will interact. Instead, I click the little link under the message that says “Report Junk.”

Clicking that little link will give me the following popup, allowing me to Delete and Report the Message as Junk. Instead of just deleting the message, doing this will reduce the number of smishing texts you ultimately get.

In today’s digital age, where personal data has immense value, staying informed and vigilant against such tactics is more important than ever. By understanding what smishing is and how to avoid it, you can protect yourself from these increasingly sophisticated and deceptive scams. Your knowledge and vigilance are your best defense.