Smishing is high up on the list of words that do not sound as intimidating or threatening as they should. Smashing the word fishing together with the “SM” for short messaging service (aka text), smishing is a cyberscam.
What does smishing look like?
You’ll get a text message that appears to be from a shipping company. You’re told you have a package coming, but that more information is needed to ensure delivery. You’ll squeal, “a package!” OK, maybe you won’t squeal, but you’ll feel anticipation and click on the link to help deliver that package to your door.
You might already be expecting a package. After all, as recently as June 2021, PWC was describing a “dramatic shift” toward online shopping. According to its most recent consumer survey, in the last twelve months:
44% of those surveyed bought online using a mobile phone or smartphone;
42% used smart home voice assistants to shop online;
38% used a tablet for online shopping;
34% bought something online via PC.
So, you might not think twice about clicking on a link appearing to be from a major delivery service.
Don’t do it.
What happens next?
You click on the link and are asked for personal information, even a credit card number or password. Otherwise, clicking on the link will download malware onto your phone. The bad guys use their access to snoop and/or send your sensitive data to its servers, without you knowing it.
The smishing scam is a global one:
March 2021 saw a 645% jump in Royal Mail-related phishing attacks, equating to an average of 150 per week.
UPS warns about this type of fraud on its website.