How To Protect Yourself From SMiShing Attacks

We’ve all gotten them – a random text message from your bank, your phone provider, or even someone claiming to know you or a family member. Scammers are everywhere and not only do they send phishing attacks to your email but they’ve moved to your text messages. Smishing is the term used to describe these SMS text message scams and it seems like it happens every time we turn around.

So what are these attacks and how do we prevent them? Read on to learn more about smishing and what you can do to protect yourself.

Phishing Scams Play on Fear 

Most phishing scams take advantage of your fears, such as:

  • Someone stealing your money
  • Being accused of a crime that you did not commit
  • Someone doing harm to you or your family
  • Something embarrassing being revealed about you (whether it is true or not)

Phishers refine their scams over time, learning which ones work and which don’t. Given the short nature of SMS messages, phishers have a very limited canvas on which to work, so they have to be extra-creative in a smishing attack

Tips to Help You Spot SMiShing Scam Texts

  • Vet texts from your bank: Many banks don’t send text messages because they don’t want people to fall for smishing attacks. If they do send texts, find out what number they use to generate them so you will know if they are legitimate. Scammers can use spoofed alias numbers that look like they are from your bank, so you should still be skeptical and not reply directly. Contact your bank at their regular customer service number to see if the text was legit or not. If it is really your bank texting you, then they should know exactly what you are talking about when you call them using the phone number on your latest statement. If they say there are no issues with your account, then the text was obviously bogus.
  • Be suspicious of strange-looking numbers: Email-to-text services often list “5000” or other strange numbers that are not cell numbers. Scammers are likely to mask their identities by using email-to-text services so that their actual phone numbers are not revealed.

Preventing Smishing Texts From Reaching You

  • Use your cell provider’s text alias feature: Almost all major cell providers allow you to set up a text alias that you can use to receive texts. The texts still come to your phone and you can send texts, but anyone you text sees your alias instead of your actual number. You can then block incoming texts from your real number and give all your friends and family the alias you are using. Since scammers most likely won’t guess your alias and can’t look it up in a phone book, using an alias should cut down on the number of spam and smishing texts you receive.
  • Enable the “block texts from the internet” feature if available: Most spammers and smishers send texts via an internet text relay service, which helps hide their identities and doesn’t count against their text allowances (scammers are notoriously frugal). Many cell providers will let you turn on a feature that will block texts that come in from the internet.

Some Do’s and Don’ts When Receiving a Smishing Text

  • Don’t reply directly to any spam text message: This allows spammers to know that your number is legitimate and they can sell it to other spammers to bombard you with smishing messages
  • Do not give out any personal information via text message: Many of these scams will ask you to verify personal information such as account details or credit card numbers. Even if the text message looks like it is from a company you can trust, most companies do not request information through text message.
  • Don’t click on links in your text messages: Clicking on a link could install malware that can collect information from your phone and sell it.
  • Do report smishing scams: if you receive a text message that is threatening in any way to you or your family members, report it to the local authorities and to the Internet Crime Complaint Center (IC3).

Being aware of scams like these is half the battle. Staying vigilant and aware of a few common smishing techniques can go a long way in keeping yourself safe.


To read more on phishing attacks, head back to the blog:

Back-to-School Scams Target Students with Library-Themed Emails

7 Ways Hackers Steal Your Passwords

Study Reveals Phishing Identification and Data Protection Are the Top Problem Areas for End Users

Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.

You can also find us on TwitterFacebook,  LinkedIn.