Does it seem like you aren’t getting as many robocalls these days?
OK, maybe they haven’t slowed down that much; let’s just say they’ve leveled off. But you’re likely getting bombarded with more spam texts than ever before. A lot more. In December 2022 alone, more than 55 billion spam texts were sent out (or 1.8 billion per day!). To put that astounding number into perspective, just over 1.2 million spam texts were recorded in September 2021.
But when an unsolicited text goes from harmless advertising to seeking sensitive information, that’s when texting becomes “smishing.” (The term derives from SMS (short message service) + “phishing”).
What is the goal of smishing?
Similar to phishing attacks over the phone or by email, scammers send a text designed to trick the recipient into:
- Revealing personal information (like an account number, PIN, or login credentials).
- Downloading malicious programs from an attachment.
- Clicking a link that can activate malware.
“Not only can clicking on links download viruses or other malicious software onto your device, but it’s also possible for the scammers to capture the information you input and use it to access your accounts,” said Stephanie Ziegler, SELCO’s Financial Investigations Manager.
Note: SELCO will never send a link in a text without speaking with you first. In addition, we will never text, call, or email asking for sensitive information, such as your PIN, card information, or login credentials.
At first glance, these texts can appear legitimate, like they’re coming from your financial institution, utility company, or delivery services like UPS or Fed Ex. They may even address you by name. But they’re also often riddled with grammatical errors, which is a big red flag. And the more urgent the message sounds—the faster the message is trying to get you to take impulsive action—the bigger that red flag gets.
Here are a few examples of common smishing texts.
Can smishing be stopped?
As was the case with their predecessor robocalls, smishing can’t be stopped completely. But you can certainly slow them down by taking preventive measures:
- Treat unsolicited texts with an extra dose of healthy skepticism. The old adage, “If it’s too good to be true, it probably is,” absolutely rings true when it comes to spam texts. Question everything. “If you receive an unexpected text asking you to take action, even if it’s from a company name you recognize, go to their website or call in to verify they were attempting to contact you,” Ziegler said.
- Do not interact. Our natural instinct may be to quickly scan a text, respond, then carry on with our day. But if it looks like a junk message, it most likely is. Most importantly, never click a link or attachment in a text message you weren’t expecting. This could trigger malware that infects your phone.
- Block, report, repeat. Beyond the spam blocker that likely comes with your phone, there are lots of free apps that can help fortify your firewall. There’s always the tried-and-true National Do Not Call Registry, as well. Block the number, report it, then delete the text.
Smishing may be a funny-sounding term, but it’s no joke. By putting up a shield early, you can stop (or at least slow) the constant flow of these potentially dangerous messages.