Because it is Cybersecurity Awareness Month, this is a good time to discuss “smishing.” Smishing is a phishing scam that runs through SMS (Short Message Service), which is texting.  Smishing is a portmanteau word (a combination of two words) for SMS and phishing. Simply defined, smishing is a phishing attack that uses text messages to send a harmful link to your phone. The fact that smartphones are so common has increased our vulnerability to this type of scam. It is much easier to open and respond to a text message than an email, and this convenience is being exploited by criminals.

Smishing scams are increasing this time of year because many people are waiting on items they have ordered online. An example is a text that looks like a legitimate message from the postal service. The message urgently asks you to reply “yes” to receive a package that the postal service is having difficulty delivering because of an incorrect address. If you click on it, you will receive another text with a link, which could ask for personal information. The message may direct you to log into an online account, or even steal data on your phone.

These scams are effective because they urge you to take immediate action. It is best to adopt a “no click” policy and not click on any links in text messages. Remember, your financial institutions and merchants will not text you to verify information.