COLUMBIA, Mo. – Smishing, a combination of “SMS” and “phishing,” is a type of cyberattack that targets individuals through SMS or other forms of text messages.

Smishing attacks are similar to email-based phishing attacks in which scammers lure victims into sharing personal information via text message by clicking malicious links or downloading harmful files and software. They typically disguise themselves as trusted sources and use social engineering tactics to manipulate the victim into taking undesired actions.

Red flags to look out for in text messages

• Requests to purchase or deliver an online gift card.
• Threats of prosecution if the user does not call a number or click a link.
• Informal language being employed in serious matters.
• Links that look different from the official bank/company/service address. (If you’re unsure what the correct link is, a simple Google search can reveal that.)
• Promises of money or benefits that are too good to be true.
• Messages from unexpected senders (for example, a tracking message for a FedEx package you didn’t order).
• Vague wording that doesn’t fully explain the reason for contacting you.
• Banks asking for card numbers, ATM pins or banking information (financial institutions will never ask you for this information).

More information

• Avoid the Temptation of Smishing Scams (Federal Communications Commission)

Originally posted by the MU Division of Information Technology.