“Congratulations! You’ve won a $500 gift card. Click here to claim your prize.”
As exciting as this news is, receiving an unexpected message like this is an example of a smishing or SMS phishing. In this tactic, scammers send fraudulent text messages to trick you into sharing personal information, clicking malicious links or making payments. These messages often appear urgent, enticing or just too good to be true.
Deleting suspicious messages immediately prevents accidental clicks and reduces the risk of falling into the scammer’s trap. Scammers often rely on the curiosity or urgency their messages create, so removing the message helps you avoid impulsive actions. If it’s a smish, be sure to report it to your mobile carrier. If the sender is impersonating someone from HM, call the IT Service Desk immediately.
Tips to avoid smishing attacks:
- Think Before You Click. Avoid clicking links in unsolicited or unexpected messages, especially from unknown senders.
- Don’t Share Personal Information. Legitimate organizations won’t ask for sensitive details, like passwords or bank account numbers over text.
- Verify the Sender. Contact the organization directly using official channels if a message claims to be from a trusted entity.
- Block and Report. Most phones allow you to block suspicious numbers and report spam messages to your carrier.
