How exactly do you get smished?
It happens when you become a victim of smishing. You might not have heard the term. I know I hadn’t until I stumbled across it while researching on the web. But if you’ve heard of “phishing”, it’s the same thing, just done via SMS messaging.
The way it works is someone, a hacker or criminal, sends you an SMS message that appears to be from a legitimate source – such as your bank or mobile carrier. The contents of the message are usually alarming. For example, your bank account has been frozen or compromised.
In the message they provide you with a link to a website or a phone number to call to fix the problem. If you click on the website, it will either download malware onto your phone or steal the account information you provide to login into what you think is your bank, or carrier. Once they have your account information, they can take your money or make purchases with your money.
Every step you take following the message directions usually looks genuine. They make the website look like your bank (cybercriminals pick big banks that many people use). The login page looks like the login page.
So you do what most people would do, you login.
What happens if you call a number they provide? The same thing, but usually you are connected to a live person who is skilled at getting information out of people. They’ll know the terminology, they may know your name and address. Before long you’ll be reading your credit card information to them because they sound legitimate.