Smishing (a portmanteau word made of the expressions SMS and phishing) is another social engineering ploy. It’s a phishing technique involving a malicious text message. In other words, it’s a cyber threat aiming to send you a virus or to make you do something harmful to yourself through a text message.

We tend to be more reactive with our phones. We will respond spontaneously to any message. Hackers know this. By using mobile phone text messages (SMS), they look to trick you into taking an immediate action.

Many smishing attacks combine an SMS and a ‘false sense of urgency’ to leverage this trend more effectively. The malicious SMS sent is conveying a sense of emergency to lure victims in taking action even quicker.

People sometimes tend to be more inclined to trust a text message than an email. In fact, we are very aware of the security risks involved with clicking on links in email, but this is less true when it comes to text messages.

Attackers particularly like smishing since it’s a low cost attack. An internet phone system (VoIP) server, a burner cell phone and a spoofing method: that’s all you need to send a virus through targeted text messages. With applications such as BurnerApp and SpoofCard, it is easy and cheap to purchase a spoofed number to text from.

Share with us your experience. Have you ever faced a smishing attack?