[ skip to content ]

ODU Expert Warns of 'Smishing' Scams That Target Text Messages

By Noell Saunders

A cyber scam that could cost smart phone users a ton of money is on the rise as internet-based criminals move beyond the email inbox.

It's called "smishing," which involves scams that are presented like phishing emails, but sent via SMS (text messages). Scammers use these messages to trick targets into replying with personal information in order to access bank accounts or other online profiles.

For example, a fraudulent message might appear to be warning from a bank about an unauthorized charge.

Smishing scams have been around since as early as 2008, but are becoming more prevalent. It is one of the more dangerous scam techniques that exist today, said Hongyi "Michael" Wu, director of Old Dominion University's Center for Cybersecurity Education and Research.

"Most people trust text messages more than emails. Smishing messages often prey on people's sense of urgency," Wu said. "We often presume text messages come from our friends and trusted companies."

Wu said another major problem that often results in vulnerability is the way users are prone to make quick decisions when reading messages.

"Online users who use computers with large screens can view messages more carefully. In contrast, when we use mobile devices, we tend to skim through messages quickly and make mistakes" he said.

As the number of smart phone users increase in the U.S., Wu said it's likely that smishing attacks will increase also.

"In 2017, we are close to having over 200 million smart phone users. This large pool of potential victims naturally becomes a target for criminals," he said. "I also foresee that popular mobile apps will also be used by criminals for phishing in the future."

Although there's no foolproof way to block smishing messages entirely, Wu said the best way to avoid becoming a victim is to follow the same guidelines that have been set for other cyber scams.

Some of those guidelines include: avoid messages from unknown senders; don't click suspicious web links or phone numbers; invest in an anti-malware software that can identify smishing messages and; verify text message alerts from banks or credit card companies by calling them.

Related News Stories


ODU Awarded NSA Grant to Develop Cybersecurity Program

The National Security Agency Cybersecurity Core Curricula Development Grant supports the President’s Cybersecurity National Action Plan (CNAP). (More)


A Decade of Cyber Warfare: ODU Expert Discusses the Evolution of Cyber Attacks

Hongyi “Michael” Wu, director for Old Dominion University’s Center for Cybersecurity Education and Research, said the Estonia attack demonstrated the vulnerability of network systems and potential impacts. (More)

Refugee Model

VMASC Researchers Develop Groundbreaking Simulation Showing how Migration Process Batters Refugees

Innovative work at Old Dominion University’s Virginia Modeling, Analysis and Simulation Center has resulted in a potentially groundbreaking simulation of the cataclysmic effects for people trapped in the refugee migration process. (More)

Site Navigation

Experience Guaranteed

Enhance your college career by gaining relevant experience with the skills and knowledge needed for your future career. Discover our experiential learning opportunities.

Academic Days

Picture yourself in the classroom, speak with professors in your major, and meet current students.

Upcoming Events

From sports games to concerts and lectures, join the ODU community at a variety of campus events.