Table of Contents
What is Smishing
Smishing is a portmanteau of SMS and Phishing and is used to describe phishing attacks delivered using SMS text messages. Due to the nature of text messages, smishing attacks have a much simpler appearance than phishing emails. You’ll find that almost all share the same three properties:
- A spoofed sender ID or random telephone number
- One or two sentences encouraging you to take urgent action
- A link to a URL, usually with something relevant to the topic in it.
Phishing Links in Text Messages
Unlike emails, the links in SMS attacks cannot be masked with alternative text. This means whatever link is presented to the reader is the link they will visit. For this reason, effective smishing attacks use domain names that match the context of the rest of the message.
Examples of SMS Phishing Messages
