Skip to main content Skip to online banking log in
  • Careers
  • Search Site

Don’t Get Scammed by Smishing

August 29, 2025

Smishing—short for SMS phishing—is one of the fastest-growing cybersecurity threats in 2025. As mobile devices become more central to our lives, cybercriminals are exploiting text messaging to trick users into revealing sensitive information. Columbia Credit Union’s commitment to digital safety means we’re here to help you understand and defend yourself against this evolving threat.

What is Smishing?

Smishing is a form of phishing that uses deceptive text messages to lure recipients into clicking malicious links or sharing personal data. These messages often impersonate trusted organizations like banks, delivery services, or government agencies.

Common Tactics & Red Flags

Smishing messages often impersonate trusted entities like banks or retailers and use urgency—such as warnings that your account is locked—to prompt immediate action. They may offer fake prizes or discounts and include suspicious links or QR codes, a tactic known as “quishing.” Red flags to watch for include messages from unfamiliar or unusual numbers, spelling or grammar mistakes, requests for personal or financial information, and urgent calls to action like “Click now!” or “Verify immediately!” These tactics are designed to exploit trust and panic, making it essential to stay vigilant and cautious when receiving unexpected texts.

How to Protect Yourself

Healthy digital habits can help you stay safe. Follow these key steps to defend against smishing:

  • Don’t click suspicious links: Especially shortened URLs or those from unknown senders.
  • Never share sensitive info via text: Banks and government agencies won’t ask for passwords or SSNs via SMS.
  • Use two-factor authentication: Adds an extra layer of protection even if credentials are compromised.
  • Verify messages directly: Contact the organization using official channels, not the number in the message.

Report Suspected Fraud

By staying informed and vigilant, you can outsmart cybercriminals and keep your personal information safe. If you suspect fraudulent activity, trust your instincts—hang up, don’t click, and contact us or the organization directly.

Need to report smishing texts, phishing calls or emails? If you receive suspicious communications, please take a screenshot of the email or text and send a copy of the image to FraudBuster@columbiacu.org.

For more security tips and tools, explore the Digital Services at Columbia Credit Union. Stay safe out there!