When you get a text, do you respond to it? Almost half of us do. In fact, according to a Gartner Digital Markets report, people respond to 45% of texts compared to only 6% of emails.
The ability to reach people through texts has caught the attention of cybercriminals who send malicious text messages to try to steal your credit cards, login credentials to financial accounts or other personal details. It’s called smishing, and we’ll walk you through how to avoid it.
At Asurion, your online security is important to us. We can show you what to do if your phone has been hacked, how to avoid online scams, and much more. Here’s our guide to how to protect yourself against smishing.
What is smishing?
You may have heard of phishing scams, when cyber thieves send you emails or texts, or make phone calls pretending to be a company or person you know to steal your bank account login or credit card information, among other things.
Smishing is a specific form of phishing that targets people through short message service (SMS) text messages sent to a mobile device or messaging app. The goal is to try to trick victims into downloading malware or sharing passwords to steal money or a person’s identity.
How does smishing happen?
First, cybercriminals set up a fake account, often with a stolen phone number, to hide their identities. Then, they send SMS messages—often in mass quantities—to potential victims. They get your number either by chance (random dialing), paying for lists of working numbers, or by hacking into databases you’ve shared your number with when signing up for something or buying a product online.
If you respond to the smishing text, download attachments, or click unfamiliar links, bad actors may be able to access your personal data and steal from you.
Tech help at your fingertips
Get your tech questions answered now with our live expert support.
Identifying a smishing scam
When you get a text from a company or person you don’t know, be wary of it. Here are a few common signs to look for if you’re not sure if it's a genuine message:
Unusual activity or requests
If someone asks you via text for something out of the ordinary, like access to your computer to “help fix a software bug” or payment by wire transfer or cryptocurrency, ignore the text. They’re likely trying to scam you.
Cybercriminals prey on people by sending fake, urgent messages like “Reply now! Your account has been canceled,” or “Verify this purchase immediately.” Ignore these texts, they're likely trying to make you access a website to steal your information.
If a message sounds too good to be true—like an offer for a free gift card, a huge discount, or a “get rich quick” opportunity—it’s almost certainly a fake message.
In text messages, watch for links with shortened URLs (web addresses)—if you click them, they may infect your device with malware. Malicious links are often abbreviated to try to hide an obviously fake address.
Ways to protect against smishing
Here are some of our top tips for avoiding smishing attempts to your mobile phone:
Don't respond to unsolicited messages
Don’t download any files or respond in any way to unsolicited texts. If you respond, even to tell the sender to stop, they’ll know they’ve reached a working number. Just delete the message.
Never click links from unknown numbers
Don’t click links or open attachments from any source you don’t recognize—they may contain malicious software. Even if you think the sender might be legitimate, it pays to check it out before you respond.
Don’t share personal details
Never share personal information like your Social Security number or your bank account numbers via text. Government agencies or financial institutions don’t ask for personal details over the phone or in text messages.
Want to block smishing attempts altogether? Check out our guide on how to stop spam text messages.
Tried these steps and still need help? We got you. Get your tech problem solved when you call or chat with an expert now.