SMS phishing

From Wikipedia, the free encyclopedia
  (Redirected from SMiShing)
Jump to navigation Jump to search

In computing, SMS phishing[1] or smishing[2] is a form of criminal[3][4][5] activity using social engineering techniques. Phishing is the act of attempting to acquire personal information such as passwords and details by masquerading as a trustworthy entity in an electronic communication. Short Message Service (SMS) is the technology used for text messages on cell phones.[6]

SMS phishing uses cell phone text messages to deliver the bait to induce people to divulge their personal information. As the mobile phone market is now saturated with smartphones which all have fast internet connectivity, a malicious link sent via SMS can yield the same result as it would if sent via email.


Many of the same defences that apply for phishing also apply here. Smishing messages may come from telephone numbers that are in a strange or unexpected format.[7]


On March 9, 2012, Rewe issued a fraud alert regarding a large number of scam texts that offered a nonexistent $1000 gift card as bait.[citation needed]

In June 2018, the County of Orange Social Services Agency (SSA) warned residents of a phone/texting scam that attempts to obtain cardholder information of CalWORKs, CalFresh, and General Relief clients throughout California.[8]


  1. ^ "Phishing, Smishing, and Vishing: What's the Difference?" (PDF). August 1, 2008. Archived from the original (PDF) on 2015-04-01.
  2. ^ Vishing and smishing: The rise of social engineering fraud, BBC, Marie Keyworth, 2016-01-01
  3. ^ Protect Yourself from “SMiShing”, Robert Siciliano, Feb 22, 2012
  4. ^ "SMiShing", The free dictionary by Farlex
  5. ^ SMiShing, Forrest Stroud
  6. ^ SMS phishing article at
  7. ^ "What is Smishing?". Symantec Corporation. Retrieved 18 October 2018.
  8. ^ "County of Orange Social Services Agency warns of SMS text phishing/phone scam | Orange County Breeze". Orange County Breeze. 2018-06-26. Retrieved 2018-08-24.