Security glossary
What is smishing (SMS phishing)?
Smishing is phishing through text messages, usually using fake delivery, banking, or refund alerts.
Last reviewed: 2026-05-23
In plain English
Texts feel urgent and personal, which makes smishing effective.
Attackers often spoof known brands and include short links to fake login pages.
Phone-number exposure from breaches can increase smishing volume.
Real-world example
A text says your parcel fee is unpaid and asks for card details at a short URL.
What you should do
- Do not tap links in unexpected finance or delivery texts.
- Open apps directly and check alerts there.
- Block/report sender numbers and keep message evidence.
Related terms
What is phishing?
Phishing is when attackers pretend to be trusted brands or people to trick you into giving passwords, codes, or payment details.
What is a phishing campaign?
A phishing campaign is a coordinated wave of scam messages built around one story, like refunds, invoices, or security alerts.
What is SIM swapping?
SIM swapping is when attackers convince a telecom provider to move your number to their SIM card.