Skip to main content
RBC
SMSishing scams start with a text from an impersonator trying to get you to believe they're someone they're not. Here's how to stay safe — in two minutes or less.

Smishing (aka SMSishing or SMS Phishing) may sound like a made-up word,* but it’s a common digital scam that’s a growing problem. Here’s the deal on smishing — in two minutes or less.

What’s smishing?

Smishing is a text message scam. SMS (aka text messages) + Phishing = Smishing. Cyber criminals try to trick you into giving up private information using text messages as bait.

How does it work?

Attackers send you a text — claiming to be someone or an organization you know — and include a link or number to call. This link will go to a phony website, download a file, or call a scammer who wants your personal or financial information.

How can you identify and avoid smishing?

Take two minutes — the time it takes to brush your teeth — to ask yourself:

  1. Who is this really? Scammers can hijack a phone number, or hide the number they’re using by making it look like a legitimate one. The safest move: Don’t click links in a text and don’t call the number.
  2. Is this normal>If a government department (e.g. CRA, Statistics Canada), telecom company, or a financial service provider contacts you and you’re not sure it’s the real deal, contact them using the information provided on official channels. For example, call the number on the back of your bank card or credit card, or contact the CRA directly via the numbers listed on their official website.
  3. Are you being asked for sensitive information? Or money? If you actually win a grand prize, they won’t text you to pay the taxes. Your real high school sweetheart wouldn’t ask for your SIN. And you shouldn’t reset your username/password because a text told you to.

 
Take two minutes to keep yourself safe from smishing and delete the message. Stay informed about any new or ongoing scams by checking RBC Current Scam Alerts.

* It is. SMS (Small Message System) + Phishing = Smishing