SMiShing is a phishing attack sent via SMS (Short Message Service).It’s the new, text-message version of the lucrative e-mail scam. In this ploy, scammers take advantage of the smart-phone revolution—hoping that a text message to your cell will make it less likely you’ll investigate the source, as you might do while sitting at your desk. Since many banks and businesses do offer text-message notifications, the scam has the air of legitimacy.
SMiShing victims receive SMS messages including texts similar to the following:: "We're confirming you've signed up for our dating service.You will be charged $2/day unless you cancel your order by accessing the website: www.??????.com". If the URL is clicked, it will download a Trojan horse that could allow a Web-enabled phone to be controlled by hackers.
Sometimes you get a text message stating a problem with your bank or PayPal account. You're told to call a toll-free number, which is answered by a bogus interactive voice-response system that tries to fool you into providing your account number and password.
Prevent it
· Do not trust unsolicited telephone messages.
· Never click on URL’s in text messages unless it is verified to be legitimate
· Real banks might send you notices via text message (if you’ve signed up for the service), but they never ask for account information. If you’re unsure, call the bank directly.
You can read more about SMiShing in the following links:
http://blogs.globalcrossing.com/?q=content/smishing-another-crimeware-threats-mobile-phone-users-security
http://en.wikipedia.org/wiki/SMiShing