How to Prevent Smishing

Share This Post

Smishing is a type of phishing that has been around for a long time but has become more prevalent and dangerous in recent years. We’re taking a look at what a smishing text is and how to prevent smishing from being dangerous to you.

What Is A Smishing Text?

Most people have heard of phishing scams. Phishing is when a cybercriminal sends you an email trying to tempt you to click on a link and enter some personal details or click on an attachment to infect your computer with some type of malware. Smishing is very similar to phishing, but rather than emails, it involves text messages. We’ve already taken a look at how to spot phishing emails, and the steps are very similar for spotting smishing texts. Cybercriminals send text messages to your phone to try and tempt you to click on a link. Unfortunately, when you click on the link, it’s the same as phishing – you will be lured into entering personal information so criminals can steal money from you. This is why it’s dangerous and why it’s so important to know how to prevent smishing.

Rise In Popularity

There has been a huge rise in the number of smishing attempts in recent years. To understand why, you have to look at SMS messages’ read and response rates compared to emails.

According to Gartner, 98% of text messages are read, and 45% receive responses. Comparatively, email open rates are relatively low, averaging around 20%. This makes the overall results of a phishing campaign relatively low-performing, whereas a smishing campaign can be much more successful.

Where there is a weakness, cybercriminals will take full advantage. We’ve seen plenty of smishing attempts pretending to be COVID-related, as well as texts from banks, courier services and payment portals like PayPal.

Can you really learn how to prevent smishing? No, not really – like email phishing, it’s really hard to stop the messages coming through completely. The important part of smishing prevention is to educate yourself on how to handle them so that they can’t scam you.

For more security tips, check out our previous blog posts on easy cybersecurity tips you can implement and cybersecurity for remote workers.

1.    Don’t Click on Any Links

The first tip for how to prevent smishing is to take a breath and not rush into clicking onto any links. These text messages are designed to make you want to click and fast. Many of them tell you that if you don’t act quickly, you’ll lose money or that you’ve been hacked, because those are most likely to make us panic. However, if you take your time and look at the content of the message and, in particular, the link itself, you will soon know that it’s a scam.

If you have already clicked a link and entered personal information, such as bank details or password information, then you must act quickly. Phone your bank or change your password for any applications that may have been or might still be compromised.

Text example

2.   Don’t reply to messages

The second tip is not to reply to these messages. Sometimes we get a text message which says something like ‘If you no longer wish to receive these messages, please send the word STOP’ – don’t do that, even if it sounds like easy smishing prevention.

Replying might actually result in you receiving even more of these messages; scammers might not know if these numbers are live or not, and when you reply, you confirm that yours is.

Of course, this smishing prevention advice is only for people or businesses you don’t recognise or to whom you haven’t provided contact information. Some legitimate companies do employ SMS marketing techniques. If you recognise the company or were expecting the text, you should be able to safely use the ‘reply with STOP to unsubscribe’ function.

3.   Phone the company

This is the easiest way to check if a message is legitimate or not and an important step in how to prevent smishing. If you receive a text message supposedly from an organisation, all you have to do is find the organisation’s contact information online – don’t use the number from the text – and contact them through their official channels.

If the text is real, they’ll be able to confirm it. If it’s not, many larger organisations will have a smishing prevention protocol to report the text, so others are less likely to be scammed. To report a smishing text yourself, you can simply forward it to 7726 – this will flag it to your service provider.

4.  Don’t install any apps

Smartphones can become infected with malware just as easily as computers. Sometimes you will get a text message asking you to click on a link to download an app to your phone. Don’t do it.

Like in phishing, when scammers want you to install malware onto your computer, the scammer wants you to download something that could allow them to do a whole host of things like steal money, remove data or make unauthorised purchases. Only install apps you trust from the official App Store or Google Play.

What if My Phone Gets Infected?

If you have clicked on a link that you think might have been suspect, or you have reason to believe your phone might be infected with malware, there are a few signs you can look for:
  • Excessive memory usage
  • Overheating
  • Battery draining more quickly than you would expect
  • Pop-up messages while using your smartphone web browser
If you think your phone is infected, your best bet is to make sure you have a backup of your photos, contacts and other information, factory reset the phone and start again. Cybersecurity doesn’t end with computers – any technology is liable to face hacking and malware, and the ways of going about it are only getting more sneaky. We hope you feel more confident in identifying what is a smishing text and what is not. If you’re concerned about how to prevent smishing in your business, please get in touch with us today – we offer cybersecurity and consulting services to keep your business safe. For more security tips and tricks, including how to recover from ransomware if you get infected, check out our blog.

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

How to use Microsoft to do

The ULTIMATE Microsoft To Do Tutorial

How do you handle your to-do lists? Do you write tasks on scraps of paper? Or do you pop them in a notebook? Perhaps you have a digital application such as Todoist!  If you’re a Microsoft 365 user, you already pay for a task management system! It is called Microsoft To Do.  We all have

Zero Trust Holy Grail

Is Zero Trust Security The Holy Grail OF Cyber Security?

USA president, Joe Biden, thinks that Zero Trust is the way to go in your cyber security journey, but, what is Zero Trust, and what does it mean for your business?  When it comes to your business, I’m sure you’ve got a strategy in place for how you’re going to win new business, market your

Scroll to Top