Written by

Beware the 'Smish': Unraveling the Latest Texting Scam and How to Guard Against It

"Guarding Against 'Smishing': Unmasking the Mobile Text Scams and How to Stay Safe"

In the ever-connected landscape of mobile communication, a new threat has emerged, and it's not in your email inbox but right in the palm of your hand. Enter "smishing" — a crafty fusion of "SMS" and "phishing" — where cybercriminals attempt to extract your personal and banking details through unsolicited text messages on your mobile device. These deceptive messages often pose as government agencies, familiar companies, or even parcel delivery services, using urgent language to grab your attention.

Amy Nofziger, Director of Fraud Victim Support at AARP, sheds light on the prevalent tactics: "We see a lot of it with people posturing as banks, saying 'This is Chase Bank, there is a hold on your account due to a security breach, click here to verify your information.'"

The Federal Trade Commission (FTC) paints a grim picture, reporting that Americans lost a staggering $330 million to smishing scams in 2022, with a median loss of $1,000. The success of these scams lies in our conditioned response to the familiar 'Ding!' of a text message, as our phones have become constant companions. Unlike email, texts often demand immediate attention.

In the realm of package-related smishing scams, seemingly innocuous messages may state: "USPS: Since your package address does not have a house number, we are unable to arrange home delivery for you. Please update online." Clicking on such messages could prompt a request for a "redelivery fee," cleverly designed to trick recipients into divulging credit card information.

Amy Nofziger offers a practical tip for consumers, especially during peak online shopping periods: keep a record of your orders, their sources, and the expected delivery service. Amidst the holiday rush, it's easy to mistake a smishing attempt for a legitimate communication. In case of doubt, she advises reaching out to the company directly using a verified phone number instead of relying solely on a text message.

As smishing evolves, so must our awareness and protective measures. In the face of these text-based scams, staying vigilant and adopting safe practices becomes crucial to safeguarding personal and financial information in the digital age.

"Defending Against 'Smishing': Cybersecurity Experts Share Vital Tips to Stay Protected"

In the ongoing battle against cyber threats, the rise of "smishing" — a blend of SMS and phishing — has brought a new dimension to digital deception. Stephanie Benoit-Kurtz, the lead cybersecurity faculty at the University of Phoenix College of Business and Information Technology, emphasizes the importance of exercising caution: "It is better to contact the company from their original website or phone number than to provide account information and login and password information from a bogus link."

Identifying a smishing attempt can be challenging, as these messages often masquerade as ordinary text messages. However, there are key indicators that can alert users to potential threats. Amy Nofziger, Director of Fraud Victim Support at AARP, provides valuable insights: If a text about a free gift or suspicious activity is sent to multiple people, consider it an immediate red flag. Legitimate messages usually provide information that you have willingly signed up to receive, while spam messages are more likely to solicit such details.

Recognizing the urgency created by smishing attempts, Benoit-Kurtz advises taking a moment to think before responding. Fraudsters thrive on impulsive reactions, often pushing victims to wire money, purchase gift cards, or divulge sensitive information. Nofziger concurs, emphasizing the significance of personal and financial information.

Once a smishing message is identified, it's crucial to take proactive measures to prevent future issues. Filtering out messages from unknown senders is a recommended step. Apple users can navigate to Settings, then Messages, and activate the "Filter Unknown Senders" option. Android users can achieve a similar outcome by going to Settings, then Blocked numbers, and enabling the "Unknown" option to block private or unidentified numbers.

Nofziger applauds the effectiveness of message filtering, stating, "It's a great tool that people can use to give yourself a little red flag." By acknowledging that an incoming message is not from your regular contacts list, users can take a moment to assess its authenticity.

For those who encounter smishing attempts allegedly from USPS, the advice is to attach a screenshot of the text message, including the sender's phone number and date sent, and send it to This email address is being protected from spambots. You need JavaScript enabled to view it.. This proactive approach contributes to the collective effort to combat smishing and protect individuals from falling victim to these increasingly sophisticated digital scams.

"Taking Control: How to Combat 'Smishing' and Mitigate the Impact"

When confronted with unsolicited messages on your iPhone from unknown contacts, there are proactive steps you can take to combat the ever-present threat of "smishing." For iPhones, tap the "Report Junk" option that surfaces for non-contacts, followed by a tap on "Delete and Report Junk." Android users can click on the person they wish to block, navigate to "More options," and select "Block & report spam."

A general strategy to combat smishing is to forward suspicious messages to 7726 (SPAM), allowing your wireless provider to identify and block similar spam messages. Additionally, you can report such incidents to the Federal Trade Commission (FTC) at reportfraud.ftc.gov, contributing to the broader effort to crack down on digital scams.

In the unfortunate event that you fall victim to a smishing scam, don't succumb to panic. Amy Nofziger offers valuable advice: if you clicked on a suspicious link, promptly have your computer checked for malware. Resist the urge to engage with any follow-up texts, even if they appear amicable. "Stop the communication, because at some point, they’re going to ask you to go to a link or to help you with your device," warns Nofziger.

Taking immediate action is crucial. Reach out to your bank to report fraudulent transactions or security breaches, enabling them to conduct a thorough investigation. Stephanie Benoit-Kurtz underscores the importance of swift reporting: "If you think you are a victim of a scam, make sure to report it to the financial institution or the organization right away. You can also contact the state attorney general’s office to report the issue."

By following these proactive measures and staying vigilant, individuals can regain control in the face of smishing threats, contributing to the collective effort to thwart digital scams and protect personal and financial information in an increasingly interconnected world.

Empowering Against 'Smishing' Threats

In the ever-evolving landscape of digital communication, combating the insidious threat of "smishing" demands both awareness and proactive measures. As technology users, we hold the key to safeguarding our personal and financial information from the clutches of cybercriminals.

The steps outlined, whether on iPhones or Android devices, empower individuals to take control when faced with suspicious messages. From reporting junk and blocking numbers to forwarding messages to spam reporting services, these actions contribute to a collective defense against smishing attacks.

In the unfortunate event of falling victim to a smishing scam, it's crucial not to succumb to panic. Swift and calculated responses, such as checking for malware on your device and resisting further communication, can mitigate potential losses. Reporting incidents to financial institutions, the FTC, and state attorney general offices not only aids in personal recovery but also contributes to the broader fight against cybercrime.

As we navigate the digital realm, the responsibility to stay vigilant and informed lies with each user. By adopting these practices and sharing knowledge within our communities, we strengthen the defenses against smishing and other evolving cybersecurity threats. Through collective action, we can foster a safer online environment and empower individuals to navigate the digital landscape with confidence and resilience.