Short for SMS Phishing, this is when you receive a Short Message Service (SMS) or text message through a mobile phone from a number that is supposedly from a legitimate institution, but is actually sent by a scammer.
The scammer will try to get your sensitive data, including Personally Identifiable Information (PII) such as name, date of birth, home addresses, and social identification records, banking and credit card details, One-Time Passwords and account passwords. This may happen if you are tricked into clicking a link in the SMS that appears to be legitimate.
If you give your information, the scammer will use it to access your real account and steal your money.
Don’t be a Smishing victim
While banks and other financial institutions may send notification and confirmation messages to your registered phone number, you should go though the official channels (email or Customer Service Hotline) to confirm that the text message is authentic before you click any link or reply with any information. Never respond to a text message that requests your One-Time Password (OTP), PIN, online banking password or any other security credentials.
How this could happen
You get a text message that is supposedly from your bank. This message tells you to update your account details or your online access will be suspended, and gives you a link to click.
Because you’re convinced that it’s real, you click the link and fill up your account details.
The link is fake, and the scammer now has your account details (including your password).
The scammer uses your details to log into your account, and transfers your money to a different account or other electronic fund transfer service where it will be withdrawn immediately.
