Smishing: A Variety of Phishing Attacks Utilizing SMS

Smishing: A Variety of Phishing Attacks Utilizing SMS

We discuss phishing often on this blog, and one method that often flies under the radar is smishing, or phishing that is conducted through SMS messages. Although email phishing is perhaps the most common method of conducting these scams, you should also be prepared to take on smishing, as it comes with its own share of unique challenges and dangers.

The Dangers of SMS Phishing, or “Smishing”

Ultimately, any plot carried out by a scammer that is trying to either pose as someone else or urge the user to do something particularly dangerous could be considered a phishing attack. This kind of definition goes beyond simple email scams, where you get a message in your inbox urging you to click on links or download infected attachments. There are other forms of phishing, like smishing using SMS messages or even vishing, where voicemails are involved.

Let’s go over how a smishing attack might look and how it’s similar to other phishing attacks out there.

  • An attacker communicates with someone within a business, gaining their trust or inspiring fear by posing as someone else.
  • The attacker provides a link, allegedly solving the issue at hand, or requests that the target provide them with sensitive information
  • The target obliges, giving the attacker exactly what they want, whether that’s sensitive information or access to it.

The biggest difference to keep in mind here is that smishing is sent through text messaging. Really, that’s it; it’s still a phishing attack, whether it’s sent through your email or text messaging app. The fact that it’s often unexpected, however, is what gets a lot of unsuspecting victims into trouble with these smishing attempts. While it is easy to put two and two together when you get an email phishing message, the same is not necessarily true for smishing.

Identifying a Text Phishing Message

Since smishing attacks are quite similar to phishing attacks, you can identify them in a lot of the same ways. However, the biggest challenge to identifying smishing attacks is remembering that they are a thing; make sure you keep this in mind, as well as the following throwaway signs of any type of phishing attack:

  • Suspicious URLs: Any unsolicited message containing a URL is worth a healthy amount of skepticism before clicking on it. The same can be said for a text message. If you get a message that is unexpected, you have reason to be cautious about the URL.
  • Grand promises or scare tactics: Smishing relies on the user clicking on links or sending information before they have time to think about whether they should do it. Any message with a sense of urgency, or those with large or unrealistic promises, should immediately be brought into question.
  • Too much familiarity: Most businesses use an amiable tone with their text message communications, but they won’t try to be all buddy-buddy with you if that’s not part of your business model. Be wary of any messages that treat you in a way that is inconsistent with the way a company normally works with you.

Avoiding Smishing Attacks

You can avoid smishing attacks in much the same way you can avoid traditional phishing attempts. Don’t click on links or send information if you have any reason at all to believe that the sender is inauthentic. If you don’t recognize the number, don’t respond without doing a little investigating on your part to confirm its legitimacy.

If you want to protect your business from phishing attacks of all kinds, work with White Mountain IT Services to provide your team with the training and technology to keep it safe. Learn more by calling us at 603-889-0800 today.

Related Posts

With technological advancements, challenges arise, and technical issues inevitably occur. This is where an IT help desk comes into play. Let’s explore how an IT help desk operates and why it is a valuable asset for any business.

Mobile devices like smartphones have become synonymous with productivity, allowing people to get work done while on-the-move, yet in the same breath, you could say they are synonymous with distraction. With the right practices and the right apps, how...
The United States Federal Trade Commission’s mandate is to prevent fraud and promote consumer protection in today's interconnected world, where the digital landscape continues to evolve at a rapid pace. The FTC recognizes the importance of safeguardi...
Scams are everywhere in our highly digitized world, which makes it especially important that everyone is prepared to deal with them—both personally and professionally. The publication Consumer Reports’ cover feature for its August 2023 edition is ded...
Amazon Prime subscribers recently received an email from the online marketplace, warning them of the prevalence of scams that took advantage of their offerings and brand recognition. Let’s go through the advice that this email shared, and compare it ...
Nowadays, you can’t afford not to have some portion of your business’ budget set aside for cybersecurity. The question is, how much do you need, and what should you be spending it on first? Let’s take a few moments to dig a little deeper into this qu...
Your business has to promote security whenever it can. In terms of keeping your wireless connections secure, the thought behind it is that if unauthorized people and machines can access your network without protections, they can do what they please w...
It’s undeniable that the smartphone is one of the best inventions of the 21st century. You can tell that by their adoption rates. These devices have completely changed the way people communicate, recreate, and work. They are so new that it’s funny to...
While it is important that your business implement comprehensive network protections, there are plenty of simple ways that your business’ cybersecurity could potentially fail. This could easily cost you heavily in your available capital, financial an...
Each year, we take some time and take a look at the most interesting new smartphones that are being released. Over the past few years, fewer companies are making smartphones and throughout the whole industry, innovation has seemed to slow. Whether th...
Businesses cannot afford to grow complacent with their network security, as it could make a significant difference between falling prey to an attack and remaining secure. The process of securing a network must be looked at holistically, from top to b...

One major aspect of your business’ security is how well your team is trained to preserve it. Let’s go over some of the aspects that you need to be sure you address as you educate your team.

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.


Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem NH and Portsmouth NH area.

White Mountain IT Services


33 Main St, Suite 302
Nashua, NH 03064


121 Riverfront Drive
Manchester, NH 03102


Client Help Desk      603-889-2210

New Client Inquiries   603-889-0800

Open Positions