A security analyst is briefing new employees on mobile-focused social-engineering techniques. She warns that attackers often send fraudulent SMS texts that appear to come from legitimate organizations, luring victims to click malicious links or install rogue apps that steal personal data. Which specific attack vector is she describing?
Smishing combines SMS text messaging with phishing tactics. Attackers craft convincing text messages that appear to come from trusted sources, enticing users to click links or download malicious apps. This can lead to credential theft, malware installation, or other compromises on the victim's smartphone. Whaling targets high-value executives via phishing emails, pretexting invents a scenario to obtain information, and baiting offers something enticing to trick the user, so none of those describe SMS-based attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What makes smishing different from regular phishing?
Open an interactive chat with Bash
How can you identify a smishing attempt?
Open an interactive chat with Bash
What steps can you take to protect yourself from smishing attacks?