Smishing - What is it and why you need to be aware

You've probably already heard about phishing emails, what they look like and what to avoid. Well, SMS phishing – or smishing, is the text equivalent. What do they look like and what should you do if you get one?

Spotting a smishing message

Smishing messages can be convincing, and it's easy to mistake them for genuine messages. There are some signs you can look out for though.

Spelling mistakes - Careless spelling mistakes can be a clear sign something's not quite right – keep an eye out for them.

Claims that your account's in danger - Smishing messages usually tell you that there's an urgent issue with your account. They'll tell you that if you don't act now, your account will be suspended or blocked. Fraudsters want to worry you and hope that you'll follow their instructions.

There are other smishing tactics too. Like by saying, you've won something or have the chance to get an exclusive offer. They hope you'll be so excited that you'll do what they've asked, without thinking.

With messages like this, our tip is – if it looks too good to be true, it probably is.

Think about it - Would the supposed sender really contact you like this? Most companies wouldn't ask you to confirm sensitive info over text.

They will never ask you to confirm any confidential information, like payment or personal details this way.

Don't respond - Responding to smishing messages may lead you to being targeted again – it's best to ignore and delete it.

What should you do if you get one?

Getting a suspicious message can be worrying. But just receiving one won't affect the security of your personal info or phone. For the scam to work, you'd need to follow the instructions given in the message.

Is it genuine?

The easiest way to check is to ask the company the message is supposed to be from. They'll let you know if it's really from them or not.

Remember to use contact details from the company's official website – don't call any numbers given in the message.

Don't click on any links

If you've received a suspicious message, don't click on any links. Get in touch with the company it's supposed to be from, first. They'll let you know if it's genuine or not. Until then, don't click on any links or follow any of the instructions.

What happens if you respond?

These types of messages are designed to be convincing. So, if you fall victim to one – don't beat yourself up. It really could happen to anyone.

If you've responded to a message that you think is suspicious, there are some steps you can take:

Change your passwords. Do this as soon as you can for things like online banking, and email address.
Contact your bank. It's a good idea get in touch with your bank, just to make them aware of the situation. They'll be able to let you know the best course of action.
Contact mobile phone provider. If you think your account's been compromised, let them know – they will set up a security alert for you.

If you have any concerns about smishing or your data protection policy, feel free to contact us.

London Office

Birmingham Office