Smishing (SMS message) Scams

Smishing (SMS phishing) is a cyber scam where fraudsters send fake text messages to trick people into revealing personal, security and financial information. These messages often appear to be from legitimate sources that you trust such as, credit unions, banks, government agencies or delivery services.

• Urgent or threatening language - Phrases like “immediate action required” or “your account will be closed” are red flags.
• Suspicious links - Includes URLs that look unusual or shortened. ALWAYS hover over links before clicking to check the real destination.
• Unfamiliar sender - Texts from unknown numbers or ones slightly different from official sources.
• Requests for personal information - Legitimate companies will NEVER ask for PIN’s, passwords, or full card numbers via text.
• Too-good-to-be-true Offers - Promises of free money or refunds you weren’t expecting.

• Think before you click - Avoid clicking on links in unexpected or suspicious texts.
• Never share personal information - Legitimate companies don’t ask for sensitive data over SMS.
• Verify directly - contact the company through their official website.
• Enable security features - Use spam filters and fraud detection settings on your phone.
• Stay informed - Keep up with the latest scam tactics to recognise new threats.

• Don’t reply - Even responding with “STOP” can confirm your number is active.
• Don’t store sensitive data on your phone - Avoid saving sensitive data in messages, notes, etc.
• Don’t trust caller ID alone - Spammers can spoof official numbers to look legitimate.
• Don’t download attachments from unknown messages - These could contain malware.
• Don’t assume all messages are safe - Even texts from known contacts can be compromised.