The Harrisburg University IT Helpdesk is aware of an uptick in fake SMS text messages. Cybercriminals are becoming more creative in how they gain unauthorized access to your accounts and personal information.


Please continue to be cautious when receiving text messages from numbers you do not recognize.


Smishing is a social engineering tactic that combines phishing with SMS text messages. Instead of cybercriminals using technical security flaws that your phone may have, they try to build trust with you through how you use your phone. Unlike regular phishing attacks where cybercriminals send malicious links to your email, smishing is where they send malicious links to your phone. A smishing attack can be a way to retrieve your personal and private details that cybercriminals can use. They may also use smishing attacks as ways to get money from you.


More can be found at What Is a Smishing Attack? – Microsoft 365


Protect yourself from falling for an attempt. Some tips on how to prevent smishing are:


  • Don’t respond to any unknown or unwarranted text messages.
  • Lead with caution at all times. It’s better safe than sorry.
  • If you’re unsure, research the company’s phone number and call them directly.
  • Never click on any random links sent to you.
  • Enable two-factor authentication on your personal accounts for an extra security.