What is Smishing?

Smishing, a blend of "SMS" and "phishing", is a type of scam in which cybercriminals use text messages to trick victims into revealing personal information, to steal money, or to compromise devices.

Common Smishing Tactics

Smishing attacks blend social engineering tactics with the convenience of texting.
Urgent messages claiming to be from banks or financial institutions, warning of suspicious account activity or unauthorized access attempts, aim to panic recipients into clicking a malicious link or providing login credentials.
Scammers impersonate trusted institutions such as banks and government agencies with messages about tax rebates, stimulus checks, financial incentives, or account issues. By leveraging the authority of these entities, scammers prompt the recipient to divulge sensitive information or engage in transactions under the illusion of legitimacy.
Smishing messages frequently masquerade as legitimate updates or notifications from services that recipients are already interacting with or expecting communications from. These messages prompt action—clicking a link or providing information—under the guise of completing a routine transaction.

Which technique is NOT commonly used in smishing attacks?

Seasonal Smishing

Smishers leverage seasonal and current events to create urgent scams, tapping into heightened emotions and interest, making their deceptive messages convincing and likely to be acted on.

Is the following statement True or False:
Smishers will take advantage of seasonal and current events to try to trick victims.

What does a smishing message look like? (1 of 2)

In this real-world smishing example, the attacker impersonates a government agency, references relevant events, and promises a payment to attract interest, leading the recipient to a phishing website.

What does a smishing message look like? (2 of 2)

This message is designed to imitate a common phishing tactic, exploiting a missed package delivery scenario. It creates urgency by suggesting additional charges and prompting the recipient to click on a fake link, potentially leading to a phishing site designed to steal personal information or login credentials.

What can you do to prevent smishing?

Preventing smishing attacks starts with awareness and adopting smart practices to safeguard your information. Here are a few key strategies you can follow:
Keep up-to-date with the news and be mindful of any smishing campaigns the media are reporting. Knowledge is a powerful tool for recognizing and avoiding scams.
Treat unexpected requests for personal information or urgent actions with suspicion, regardless of the source.
Multi-factor authentication adds an extra layer of security to your accounts, making it harder for attackers to gain access even if they have your credentials.

Smishing tactics are constantly evolving.

To effectively protect yourself, it's crucial to stay informed about the latest smishing techniques and security measures.

Why is it important to stay updated on smishing tactics?

Is the following statement True or False:
Using multi-factor authentication helps to combat smishing.

What to do if you've fallen victim to smishing.

If you suspect you've fallen victim to a smishing attack, acting quickly is crucial to mitigate any potential damage. Here's what you should do:
If you've shared financial information, contact your bank or credit card company immediately to report the potential fraud and secure your accounts.
Update passwords for any accounts at risk, especially if they were shared or accessed through a smishing link.
File a report with relevant authorities, such as your local police department. If you've been compromised on a company or BYOD device, inform your IT team immediately.

What should you do if you suspect you’ve fallen for smishing?

Staying Safe Is Up to You!

The best defense against smishing is awareness. Remember, stay informed, remain skeptical, and use multi-factor authentication whenever possible.