What is Smishing?
A blend of the words “SMS” and “phishing,” smishing refers to fraudulent attempts to obtain sensitive information via text messages. These messages might appear to come from reputable individuals or sources, such as managers or executives, banks, government entities, or other trusted organizations. The intent is to deceive the recipient into clicking a link, downloading an app, or providing sensitive information, such as personal or financial details or login credentials. This information could be used to target you with further phishing attacks or hack your accounts.
How to Identify Smishing
- Suspicious sender: The message might come from an unfamiliar number or a shortened service number rather than an official source.
- Urgent or alarming content: These messages often carry a sense of urgency, e.g., “Action Required” or warnings about account closures. They may also ask you to perform an action which seems strange (i.e., buying gift cards).
- Request for personal information: Texts asking for sensitive information should immediately be treated with suspicion. Legitimate organizations will not ask for personal information, passwords, or payment details via text messages.
Three Ways to Protect Yourself from Smishing
- Never click on unverified links: If you receive a text message prompting you to click on a link, verify the source before taking any action, even if it appears to be from a known contact. Even better, navigate directly to that organization’s webpage. Do not respond or interact with the text message.
- Avoid sharing sensitive information: Never share personal, financial, or login information. Reach out to the organization directly using an alternate communication method before providing any sensitive information.
- Regularly update and secure devices: Ensure your mobile devices have the latest security updates by enabling automatic updates whenever the option is available. Consider installing a reputable antivirus software on your devices.
Your security is our top priority. We will never contact you to ask for your financial or personal information, nor will we ask a third party to log in to your computer. If you receive a message requesting confidential information that claims to be from us, do not click any links and contact us immediately. It is critical to share this information with your team and continue to foster a vigilant workforce with regular training to help safeguard your business.