Never heard of smishing? We've got info on what they are, what they look like and what to do if you get one.
You’ve probably already heard about phishing emails, what they look like and what to avoid. Well, SMS phishing – or smishing, is the text equivalent. What do they look like and what should you do if you get one? We’ve got everything you need to know.
What is smishing?
Smishing’s a form of fraud. They’re texts that are made to look like they’re from a reputable company and try to get you to do something. That could be calling a premium rate number or sharing confidential info. Not cool.
Spotting a smishing message
Smishing messages can be convincing, and it’s easy to mistake them for genuine messages. There are some signs you can look out for though.
Careless spelling mistakes can be a clear sign something’s not quite right – keep an eye out for them.
Claims that your account’s in danger
Smishing messages usually tell you that there’s an urgent issue with your account. They’ll tell you that if you don’t act now, your account will be suspended or blocked. Fraudsters want to worry you and hope that you’ll follow their instructions.
There are other smishing tactics too. Like by saying, you’ve won something or have the chance to get an exclusive offer. They hope you’ll be so excited that you’ll do what they’ve asked, without thinking.
With messages like this, our tip is – if it looks too good to be true, it probably is.
What should you do if you get one?
Getting a suspicious message can be worrying. But just receiving one won’t affect the security of your personal info or phone. For the scam to work, you’d need to follow the instructions given in the message.
Forward it to 7726
Forward the message to 7726 – for free. You might get an automated response thanking you for the report and giving you further instructions if needed.
Is it genuine?
The easiest way to check is to ask the company the message is supposed to be from. They’ll let you know if it’s really from them or not.
Remember to use contact details from the company’s official website – don’t call any numbers given in the message.
Does it look like it might be from us?
From time to time, we may need to talk to you about a bill or a payment. If we do, we’ll send you a text and ask you to get in touch or to follow a link. The links we use begin with http://www.three.co.uk or http://3.uk and are safe for you to use.
Don’t click on any links
If you’ve received a suspicious message, don’t click on any links. Get in touch with the company it’s supposed to be from, first. They’ll let you know if it’s genuine or not. Until then, don’t click on any links or follow any of the instructions.
Think about it
Would the supposed sender really contact you like this? Most companies wouldn’t ask you to confirm sensitive info over text.
We’d never ask you to confirm any confidential information, like payment or personal details this way.
Responding to smishing messages may lead you to being targeted again – it’s best to ignore and delete it.
What happens if you respond?
These types of messages are designed to be convincing. So, if you fall victim to one – don’t beat yourself up. It really could happen to anyone.
If you’ve responded to a message that you think is suspicious, there are some steps you can take:
- Change your passwords. Do this as soon as you can for things like your Three account, online banking, and email address.
- Contact your bank. It’s a good idea get in touch with your bank, just to make them aware of the situation. They’ll be able to let you know the best course of action.
- Contact us. If you think your account’s been compromised, let us know – we’ll set up a security alert for you.
That’s everything you need to know about smishing. But if there’s anything else you’d like to know, check out our Fraud and Security page.