"Smishing" is phishing via text message or mobile chat. It works differently than email but follows the same principles.
Mobile Phishing Tactics
- SMS texts claiming account verification is needed
- WhatsApp or Messenger messages from "colleagues"
- Package delivery notifications via text
- Banking alerts requesting action via text
- Calendar or meeting invites sent via messaging apps
Red Flags on Mobile
- Links in unexpected text messages
- Requests to verify or confirm identity
- Shortened URLs (bit.ly, tinyurl) from unknown senders
- Messages from contacts you don't recognize
- Urgency or threats in mobile messages
Mobile Security
- Don't click links in unsolicited texts or messages
- Verify sender identity before responding to unusual messages
- If urgent, contact the sender through a known channel (call, official app)
- Enable 2FA to protect against account takeovers
- Report suspicious mobile messages to {{team}}