
SMiShing (short for SMS Phishing) is a type of social engineering scam that involves getting a text message from a false sender. The attacker will typically pretend to be a reputable source (such as your bank or PayPal), or claim that you have won a special prize and urge you to take action. Additionally, these texts are often sent with harmful links that spread malware to your device or steal your personal information. Read on to review the most common types of SMiShing scams and suggested tips to help you avoid this increasingly common fraud.
The video below gives more information about this recent crisis:
The Four Most Common SMiShing Scams

1. Bank Scams
A text message appearing to be from your bank that informs you of possible fraudulent activity or an account suspension. The message may urge you to click a link, provide your account number or to confirm personal information.
2. Toll Call Scams
The cyber criminal will text you to request that you call a provided phone number. However, that call may actually be charging you per minute and often times will purposefully keep you on hold so as to charge you more.
3. Malware Scams
The cyber criminal may text you a malicious link that if clicked, can install malware on your device that can make it possible for them to steal your personal information and account login credentials.
4. Service Cancellation Scams
The cyber criminal will text you saying that you’ve signed up for an unrequested service, but that you can cancel by clicking a provided link, which may make your personal information vulnerable.
6 Tips to Avoid SMiShing
1. Research
Research before you respond to a text that claims to be from a source that needs your information or for you to clink a link.
2. Nothing is ever free
When being told that you earned a “free trip”, “prize money”, etc. it is most likely a gimmick to entice you to divulge your personal information or release malware into your phone.
3. Do not reply if being asked about your personal information or finances
If you are asked to provide any personal or financial account information, this should be an automatic red flag. Your bank or other service provider will never text you for this type of information.
4. Avoid messages that contain “5000”
Lookout for messages that contain “5000” or display a number that is not an actual 10 digit phone number because this is a tactic often utilized by scammers to hide their identity and become untraceable.
5. Enable “block texts from the internet”
Your cell phone provider might offer a feature that will allow you to avoid spam text messages that have originated via the internet or an email address (not from another device).
6. Report SMiShing attacks to the Federal Communications Commission (FCC).
The FCC is committed to protecting consumers from unwanted telemarketing calls and text messages, and works closely with industry representatives to give consumers more control over the calls and texts they receive. You may also file a complaint with the FCC if you believe that you’ve received an illegal call or text.

How can iLOCK360 Help?
Did you know that your iLOCK360 membership can help alert you if your phone number may have been compromised?
iLOCK360’s proprietary CyberAlert can help you monitor your identity 24/7/365 for possible compromise on the Dark Web (i.e. the Internet’s black market). Available monitored elements include: Bank Accounts, Credit/Debit Cards, Email Addresses, Phone Numbers, Medical ID Numbers, Social Security Number, Driver’s License and Passport.
Want to know if your phone number may have been compromised by a cybercriminal on the Dark Web? Be sure to login to your iLOCK360 account to setup this feature today.