Home

Smishing

Smishing is a form of social engineering that uses text messages to obtain sensitive information or deliver malware to mobile devices. The term blends SMS (short message service) and phishing and reflects attacks conducted via ordinary phone messages rather than email.

Typical smishing messages impersonate banks, telecom providers, government agencies, or trusted brands and create urgency to

Risks include credential theft, financial loss, and malware installation. SMS lacks strong sender authentication, making spoofed

Prevention includes not clicking links or calling numbers from unsolicited texts, verifying messages through official channels,

trigger
action.
Recipients
may
be
asked
to
tap
a
link
to
a
fake
login
page,
call
a
number
to
verify
details,
or
reply
with
passwords
or
codes.
Links
may
lead
to
malicious
sites
or
to
install
rogue
apps,
and
attackers
may
spoof
numbers
or
use
short
codes
to
appear
legitimate.
numbers
difficult
to
distinguish
from
legitimate
messages.
Indicators
are
urgent
language,
unexpected
account
alerts,
and
prompts
to
reveal
codes
or
personal
information.
and
using
multi-factor
authentication.
Users
should
enable
spam
filtering,
keep
software
updated,
and
report
suspected
smishing
to
banks
or
mobile
carriers.
If
exposure
occurs,
change
passwords
and
monitor
accounts
for
unusual
activity.