smishing scam

As a business, you need to earn trust with your customers. That can sometimes be difficult to do given cybercrime is on the rise. SMS marketing is a powerful way to earn the trust of your customers and build lasting relationships.  However, there is also a strong possibility that your customers could fall victim to SMS phishing scams – known as “smishing scams”.

Fortunately, there are ways of protecting your clients and your brand from data theft by making your customers aware of smishing strategies. 

The best practice is to create a page on your website that describes the various types of smishing strategies SMS fraudsters use. By raising awareness about phishing, you not only protect your customers but also build trust with them.

What is Smishing?

Smishing is a technique used by cybercriminals use to steal personal data and access financial records. It is the same as phishing but conducted through text messaging rather than social media, malware on websites or spammy links in emails.

With a sufficient amount of personal data, cybercriminals can create fake accounts they use to exploit businesses, access bank accounts and register users for premium mobile services. 

Cybercriminals disguise phishing tactics by pretending to be from a reputable company. That means brands that engage with consumers via text message marketing, social media and search engines – in other words, digital marketing – are at risk of being used as an SMS patsy.

The three Smishing strategies used to defraud consumers: 

Create fake competitions or events


In this scenario, consumers receive a text message inviting them to register for a competition or event. It appears to come from a reputable company and asks recipients for personal information to enter the contest or attend the event. 

A recent example of bogus SMS messaging in the US are texts about Coronavirus. Messages claim the recipient recently came into contact with an infected individual and are asked to input personal details so they can be booked in for a test.

To help your customers avoid fake scams, tell them you will always advertise any competitions on your website, and in your physical premises if you have one. Whilst SMS is a great channel to promote competitions, make sure your customers are aware of this smishing fraud.

Credit Card Verification

A common smishing scam is a text message asking the recipient to verify their credit card details. Cybercriminals typically pose as a credit union or bank and ask recipients for their phone which they then use to call the person in an attempt to scam them. 

Another strategy is to prompt the recipient to call a toll-free number! Which has a voice recording asking them to enter their debit card number and PIN.

To protect your customers, inform them that you will never ask them for their cell number or their credit card details. Advise them that any such text messages are a scam. 

Spam links are a fraudulent strategy that most consumers are aware of in emails. Switched on consumers is know to avoid links sent by SMS, but to make sure… Inform your customers of the potential for malware to place it in spammy links. 

Spam Links

Whilst it is possible for brands to include links to relevant pages on your website. You may want to take the decision never to include links to protect your customers.

However, the easy way to avoid customers falling victim of malware strategies is to create clean URL’s! That clearly show your brands and the title tag of a relevant page.

Here are examples of what a spam link looks like alongside a valid link: 

Valid link:

Invalid link:

If your customers know your URL address and how a link embedded in an SMS should look. They will be able to identify when an SMS is from you and when a text is a smishing attempt. 

Immediate Call-To-Action 

Another smishing strategy which poses a problem for legitimate brands is the immediate response technique. In this scenario, the recipient will be told to act immediately or risk missing out on a deal. 

Time-sensitive strategies are common in marketing and SMS is a great channel for brands to elicit a quick response. 

Again, it is pertinent to ensure your customers are aware of this type of smishing activity and to make sure that links are checked. Also advertise the promotion on your website homepage! Where it can be easily seen and verified by your customers. 

If you become aware that cybercriminals are using your brand as a tool to scam your customers… You should inform everyone on your SMS list at the earliest convenience. 

Scroll to Top