Never heard of smishing? We've got info on what they are, what they look like and what to do if you get one.

You’ve probably already heard about phishing emails, what they look like and what to avoid. Well, SMS phishing – or smishing, is the text equivalent. What do they look like and what should you do if you get one? We’ve got everything you need to know.

What is smishing?

Smishing’s a form of fraud.  They’re texts that look like they’re from a reputable company and try to get you to do something. That could be calling a premium rate number or sharing confidential info. Not cool.

Spotting a smishing message

Smishing messages can be convincing, and it’s easy to mistake them for genuine messages. There are some signs you can look out for though.

Spelling mistakes

Careless spelling mistakes can be a clear sign something’s not quite right – keep an eye out for them.

Claims that your account’s in danger

Smishing messages usually tell you that there’s an urgent issue with your account. They’ll tell you that if you don’t act now, your account will be suspended or blocked. Fraudsters want to worry you and hope that you’ll follow their instructions.

There are other smishing tactics too. Like by saying, you’ve won something or have the chance to get an exclusive offer. They hope you’ll be so excited that you’ll do what they’ve asked, without thinking.

With messages like this, our tip is – if it looks too good to be true, it probably is.

What should you do if you get one?

Getting a suspicious message can be worrying. But just receiving one won’t affect the security of your personal info or phone. For the scam to work, you’d need to follow the instructions given in the message.

Forward it to 7726

Forward the message to 7726 – for free. You might get an automated response thanking you for the report and giving you further instructions if needed.

Is it genuine?

The easiest way to check this is to ask the company it’s supposed to be from. Use contact details from their official website – don’t use any contact info given in the message. They’ll let you know if it’s really from them or not.

Don’t click on any links

If you’ve received a suspicious message, don’t click on any links. Get in touch with the company it’s supposed to be from, first. They’ll let you know if it’s genuine or not. Until then, don’t click on any links or follow any of the instructions.

Think about it

Would the supposed sender really contact you like this? Most companies wouldn’t ask you to confirm sensitive info over text.

We’d never ask you to confirm any confidential information, like payment or personal details this way.

Don’t respond

Responding to smishing messages may lead you to being targeted again – it’s best to ignore and delete it.

What happens if you respond?

These types of messages are designed to be convincing. So, if you fall victim to one – don’t beat yourself up. It really could happen to anyone.

If you’ve responded to a message that you think is suspicious, there are some steps you can take:

 

  • Change your passwords. Do this as soon as you can for things like your Three account, online banking, and email address.
  • Contact your bank. It’s a good idea get in touch with your bank, just to make them aware of the situation. They’ll be able to let you know the best course of action.
  • Contact us. If you think your account’s been compromised, let us know – we’ll set up a security alert for you.

 

That’s everything you need to know about smishing. But if there’s anything else you’d like to know, check out our Fraud and Security page.