• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
Craig Hays

Craig Hays

  • Cybersecurity
  • Principles
  • Newsletter
  • Learn Cyber Security
    • Hacking and Defending User Accounts
    • Learning Guides
  • Contact
  • Show Search
Hide Search
You are here: Home / Phishing / Smishing (SMS Phishing)

Smishing (SMS Phishing)

Smishing SMS Phishing

Table of Contents

  • What is Smishing
  • Phishing Links in Text Messages
  • Examples of SMS Phishing Messages

What is Smishing

Smishing is a portmanteau of SMS and Phishing and is used to describe phishing attacks delivered using SMS text messages. Due to the nature of text messages, smishing attacks have a much simpler appearance than phishing emails. You’ll find that almost all share the same three properties:

  1. A spoofed sender ID or random telephone number
  2. One or two sentences encouraging you to take urgent action
  3. A link to a URL, usually with something relevant to the topic in it.

Phishing Links in Text Messages

Unlike emails, the links in SMS attacks cannot be masked with alternative text. This means whatever link is presented to the reader is the link they will visit. For this reason, effective smishing attacks use domain names that match the context of the rest of the message.

Examples of SMS Phishing Messages

An EE phishing text as viewed on an iPhone

See inside a real smishing attack.

Primary Sidebar

Newsletter

Want to get smarter about cyber security? Join my growing list of newsletter readers for exclusive news, reviews, how-tos, and more.

· © Craig Hays, 2006–2023 ·

  • Phishing