Security Alert: SMS Phishing Attempt (Smishing)

Ai-generated image featuring hands holding a smartphone and looking through phishing emails

You may have received an unexpected text message claiming you owe money for unpaid tolls. Avoid clicking any links or providing personal information. Always verify official communications directly with the toll authority. Stay safe!

Example message of Toll SMS Phishing with a fake link

SMS Phishing: What You Need to Know

  • SMS phishing, also known as “smishing,” is a social engineering attack that uses text messages to deceive people into disclosing personal information such as passwords, credit card numbers, or login credentials.
  • Clicking on a smishing link can install malicious software on your device.
  • Smishing messages often look legitimate and may impersonate trusted entities like your school or employer, banks, government organizations, or well-known companies.

Common signs that an SMS may be malicious include:

  • It comes from an international phone number or your own phone number
  • It comes from an email address
  • Links and URLs in the message are copycat addresses that look similar to the real website
  • It comes from a location that you are familiar with like your hometown

How Smishing Works:

  • Fake Messages: Scammers send unsolicited SMS messages pretending to be from trusted sources, your school or employer, banks, or online services.
  • Sense of Urgency: These messages typically contain a sense of urgency, like a claim of a suspicious activity or a time-sensitive offer and aim to create a sense of panic.
  • Links or Phone Numbers: The message includes a link to a fake website designed to steal your data or a phone number that leads to a scammer posing as customer support.
  • Malicious Attachments: Sometimes, the message includes attachments that, when opened, infect your device with malware.
Example message of Toll SMS Phishing with a fake link

Common SMS Phishing Examples:

  • Account Security Alerts: Suspicious activity for your online account.
  • Prize or Gift Notifications: Messages claiming you’ve won a prize or gift card.
  • Tax or Debt Collection Scams: Fake messages from tax authorities or debt collectors.
  • Fake Delivery Notifications: SMS claiming a package delivery is pending.
Example message of Toll SMS Phishing with a fake link

How to Protect Yourself from Smishing:

  • Don’t Trust Unsolicited Messages: Always be cautious about receiving unexpected messages asking for personal information or directing you to a link.
  • Verify the Source: If you receive an urgent message, contact the organization directly using the official contact information (not the number in the message).
  • Avoid Clicking on Links or Attachments: Never click on links or download attachments from unknown or suspicious sources and delete the text.
  • Enable Two-Factor Authentication: Use two-factor authentication (2FA) for your online accounts to add an extra layer of security.
  • Report Suspicious Messages: If you receive a Smishing message, report it to your mobile carrier or the organization being impersonated.