A form of phishing that uses SMS text messages to deceive victims into clicking malicious links, calling fraudulent numbers, or revealing personal information.
A form of phishing that uses SMS text messages to deceive victims into clicking malicious links, calling fraudulent numbers, or revealing personal information.
Think you've been targeted?
Paste the suspicious content here for an instant analysis.
No signup · 6 detection layers · Results in seconds · Cmd+Enter
Smishing combines "SMS" and "phishing." As people have become more aware of email phishing, attackers have shifted to text messages, which tend to have much higher open and click rates — over 98% of texts are read, compared to about 20% of emails.
Smishing is particularly effective because people trust text messages more than emails and often read them immediately without careful scrutiny. The small screen size of phones makes it harder to inspect URLs before clicking.
Common smishing attacks impersonate delivery services (USPS, FedEx), banks, government agencies, or popular services. They create urgency with messages about failed deliveries, suspicious account activity, or expiring benefits.
During 2023-2024, a massive smishing campaign sent millions of fake USPS delivery notifications. The texts claimed packages couldn't be delivered and linked to convincing fake USPS websites that captured credit card details for a supposed $1.99 "redelivery fee."