• Home
  • Blog
  • What is Smishing? How to Protect Yourself from the Latest Texting Scams

What is Smishing? How to Protect Yourself from the Latest Texting Scams

Date Published:  July 19th, 2022Date Updated:  June 19, 2023

Summary: You’ve probably heard of email phishing, but there’s a new type of security risk in town. Meet smishing, short for SMS phishing. These arrive as a text message on your phone, and they’re not showing any signs of slowing down. Here’s what to look out for and how to protect yourself.

Email phishing is a well-documented (although annoying!) occurrence in many people’s inboxes. It’s a type of scam that usually involves a cybercriminal asking for money, personal information, or some other type of valuable, such as gift cards or tech devices.

There are four main types of email phishing but that’s not the only online security risk. There’s a new one in town: meet smashing.

What is Smishing?

Smishing gets its name from combining phishing (a cybercriminal sending a fraudulent message) and SMS (which stands for short message services, but you probably know it as texting). The sender’s goal is the same: to trick you into giving them confidential information. Smishing just happens to use text messages instead of email.

List of ways to protect your self from smishing attacks, detailed below, with an illustration of credit cards and passwords on a hook.

How to Spot a Smishing Attempt

Often, the signs of a smishing attempt are similar to the ones you may have seen in your inbox. The sender is just hoping that you’ll have your guard down and click on a link. Here are some of the most common attempts to be wary of:

  • A message from a financial institution asking you to update your account information or confirm your ATM code
  • A message asking you to update your login information or make a payment with a link
  • A message claiming that you won a giveaway or are eligible for a free product by clicking a link
  • A text from a suspicious or odd-looking phone number. Think: not the typical 10-digit layout or the same number repeated over and over
  • A text with a link, or a link that takes you to an unsafe site (such as no “https” in the URL)
  • Any urgent requests — if you’re concerned it’s real, either call the company that supposedly sent it or log in to your account via their app or website, not through the link in the message
  • Requests for money

These are just a few examples, but just like phishing has evolved over the years, we know smishing will, too.

How to Protect Yourself from Smishing Attacks

So you know what they look like. How can you protect yourself against them? Follow these tips and you’ll be able to rest more easily!

  • Never send personal information (think: billing information, credit card numbers, social security numbers) via text
  • Avoid clicking on links in a text
  • Verify requests from banks or retailers directly by going to their site or app instead of clicking on a link
  • Don’t respond to suspicious texts — block the sender and then delete the message

Plus, get a cybersecurity package for your phone. It’ll monitor the dark web for any personal information, and keep you covered with a million-dollar protection package, secure VPN, and more.

What to Do if You Experience a Smishing Attack

You can be incredibly careful and still fall for a smishing attack. It happens! If you’re concerned that your information has been involved in a data breach, here’s what to do:

  • Change your password to the compromised account. And if you use the same password for any other accounts, change it there, too.
  • Contact the organization. If you clicked on a link claiming it was from your bank, you can reach out and warn them that this is happening
  • Watch out for warning signs of identity theft. In other words, keep an eye on your credit score, bank, and credit card statements. Report any suspicious activity.
  • If you believe your identity has been stolen, report it to the FTC.

It’s important to remember that while there are cybercriminals out there, you can take steps to stay safer. It’s unlikely that you’ll get a virus or compromise information just from opening a text message. If you need to see more context than the preview window, just avoid clicking on any links. Be wary of any odd-looking or unexpected messages — whether it’s email phishing or smishing, you want to avoid it.


We’ve got the perfect cyber security package to pair with all your devices. Get EarthLink Protect+ powered by Norton and install it on everything from your phone to your laptop to your tablet. Oh, and psst: it pairs great with fiber internet.

Erin Ellison

Erin Ellison

Erin Ellison is the Director of Content Marketing for EarthLink. Her superpower is translating complicated tech jargon and concepts into language we can all understand. Erin has more than 15 years of writing experience for businesses, agencies, and the media. She currently lives and works in Atlanta.

See all posts from Erin Ellison.