previous icon Back to blog
Jan 12, 2023
4 minutes read

What Is Smishing and How Can You Protect Yourself Against It?

Even if you’ve never heard of “smishing” you have almost certainly been the target of this type of cyber fraud. Smishing weaponizes SMS messages to scam recipients into disclosing sensitive personal information or to unwittingly infect a mobile device with malware.

For most of us, not a day goes by without one of these fraudulent texts appearing on our phones; some clearly fake, but others much more professional and persuasive. Businesses, health providers, and governments are also harmed by smishing, not just financially but also reputationally because the fraudsters use (that is to say, abuse) reputable brand names to perpetrate their crimes.  

Fraudsters are persistent because smishing works. Europol recently rounded up 59 scammers who were using stolen credit card details to purchase luxury items. Smishing is at the mobile heart of a payment fraud apparatus which in 2021 caused global eCommerce to take a $20 billion hit.

The best way to frustrate the fraudsters is to identify their false messages, and to always be on guard. In this blog we describe how you can do that, and so prevent yourself or your company from being “smished”. 

Phishing, Vishing or Smishing

The term “smishing” is a mash-up of SMS and the more familiar cyber scam of “phishing” where fraudsters use emails to cast their bait of false information. If the mode of attack is a voice message we refer to it as “vishing”.

fraud-monitoring-compromised-account

Whereas phishing is a scam that originated in the PC era, smishing and vishing are responses to the dominance of mobile communications and they are now increasingly prevalent. It is estimated that SMS attacks rose more than threefold during the first wave of Covid lockdowns in 2020, reflecting the opportunism of the fraudsters.

It’s not just individuals who are being targeted. The financial forensic experts Kroll reported that in 2021, 74% of companies were exposed to smishing, compared with 62% in 2020.

The rise in smishing attacks simply reflects the way we live now. We organize and record our lives on our smartphones, so this is where the fraudsters thrive. 

What Are the Most Common Examples of Smishing?

The Covid pandemic had a huge influence on smishing. As the lockdown forced us online for our shopping, we saw a huge increase in “delivery scams” with texts supposedly from UBS or FedEx urging us to click on a link to track our parcel or reschedule a delivery.

Fraudsters were extremely cynical in their exploitation of the Covid tragedy by telling people that they had been exposed to the virus or by claiming that they were entitled to certain Covid relief grants.

The isolation people felt made them more susceptible to “classic” scams such as fake bank or tax rebate messages. In 2020, the UK tax authorities received an astonishing 864,000 referrals of suspicious text messages; more than half a million offered bogus text rebates.

What all these smishing scams have in common is the sense of urgency with which they want us to act – i.e. to take the bait – before we’ve had the time to recognize them as fakes. This is the first telltale sign you should ignore and delete the SMS. But there are other ways to prevent being a victim of a smishing attack, and we shall conclude by looking at those. 

How to Prevent Smishing

There are some commonsense rules we should all observe:

  • If the SMS is unexpected, do not respond

  • Alerts from financial institutions can usually be verified online or by contacting them directly

  • Most smishing texts give the game away by random URLs, or URL addresses with HTTP rather than HTTPS prefixes which tell you the site is unencrypted.

  • Embrace two-factor authentication (2FA) which will thwart the fraudsters even if your account has been breached.

While growing awareness of smishing should over time reduce the menace, fraudsters are always looking to piggyback off the latest technologies to devise new scams.

Companies use SMS as a legitimate and highly effective marketing tool, often using SMS providers as CM.com to do that. Because smishing scams are essentially a numbers game, CM.com accounts are appealing targets for the fraudsters – they can hide their identity and send messages at scale free of charge. CM.com account holders should:

  • Enable 2FA on their account

  • Never share their API-token, or show it on their website(s) to end users, not even in encrypted form.

  • Set limits to monthly credit amounts so in the event of a breach, the damage is limited. 

CM.com is as determined to fight the smishing fraudsters as your telecom provider, your bank, and other targeted bodies, so if you suspect you have been a victim of fraud, contact the relevant organization as quickly as possible.

If you have any questions, feel free to reach out to your account manager or the fraud team.

Was this article interesting?
Share it!
CM.com
connects tens of thousands of companies with millions of consumers via their mobile phone each day. Behind the scenes, from our innovative platform, CM.com makes sure companies can use these millions of messages, phone calls and payments to become part of people’s lives.

Latest Articles

hero-17-sms-customer-service-templates-to-use-today
Apr 29, 2024 • SMS

17 SMS Customer Service Templates to Use Today

Using SMS customer service templates not only saves time but lets your support team create personalized, on-brand communications with just a few clicks. Today we’ll share business text message templates you can use to give your customers the information they need — fast.

SMS Security
Apr 18, 2024 • Security

Secure Your Business With SMS OTPs and Alerts

In the current digital era, technological and online advances are rapidly growing, creating new ways for businesses to engage their customers. Unfortunately, where there is growth, there will be criminals trying to steal some of the profits. Protecting business data, customer information, and online accounts is a priority for every modern business. SMS security can help protect your business and your customers from online fraud and cyber crime.

SMS Customer Service
Apr 08, 2024 • SMS

How to Effectively Use SMS for Late Payments

Organizations face a significant challenge in effectively managing overdue payments and cash flow in a positive light with customers. To collect payments while keeping relationships intact and increasing engagement, SMS has emerged as a powerful, efficient and convenient tool for both businesses and customers. In this blog, we’ll explore how to effectively use SMS for late payments, highlighting its benefits and best practices.

SMS Customer Service
Mar 11, 2024 • SMS

Optimize the Customer Experience with Valuable Insights and Direct Live Support via SMS

Add SMS to your contact center and help your agents to connect with your customers on the most reliable channel. Tackle more conversations at a time without losing that important personal touch, and gain valuable insights with streamlined SMS feedback surveys to enhance customer satisfaction rates.

SMS Appointment Notifications
Mar 05, 2024 • SMS

Streamline Your Business to Success with SMS Notifications

Appointment no-shows, delivery delays, abandoned online shopping carts, late payments - all of the above can be quite the headache for many businesses. SMS notifications offer a solution.

sms-vs-mms-vs-rcs
Feb 08, 2024 • SMS

SMS vs MMS - What is the Difference?

There are many different ways to send text messages, and the various names and acronyms may start to feel daunting. In this blog, we'll tell you everything about SMS and MMS.

sms-in-ecommerce
Feb 07, 2024 • SMS

SMS for eCommerce - Create a Successful eCommerce Strategy With SMS

Want to grow your business? Then customer contact is key. Now that everybody and everything is connected to each other via those powerful little computers in our hands, the way you communicate with customers is becoming increasingly important for your succes. Read all about how you can use SMS to elevate your customer contact, drive sales and create that loyal customer base.

how-popular-is-sms
Feb 07, 2024 • SMS

How Popular Is SMS in 2024 and What Is Its Added Value for Business?

SMS is one of the oldest text messaging services, and the rise of instant messaging apps definitely made a dent in SMS traffic. Contrary to the newer apps with their rich features, SMS is quite basic in its features- plain text messages, not fluff, and a character limit of 160. Regardless, SMS is still one of the most impactful communication channels today. Read all about SMS statistics and its continued value to modern business communication.

WhatsApp vs SMS: A Comparison For Businesses
Nov 30, 2023 • SMS

WhatsApp vs SMS: A Comparison For Businesses

WhatsApp and SMS are both immensely popular messaging channels. Both have their own unique traits, use cases, and added business value. We probably all acknowledge this, but what are the differences between these two exactly? What are the similarities? And more importantly, which one will add the most value to your business? In this blog we'll dive into the world of WhatsApp vs SMS.

Is this region a better fit for you?
Go
close icon