Phishing v/s Vishing v/s SMShing


According to Wikipedia, Phishing is a fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, credit card details, or other sensitive details, by impersonating oneself as a trustworthy entity in digital communication.

In a nutshell, phishing is an attack that typically attempts to trick the victim into clicking on a link or executing malware. It is typically carried out by sending fake emails or instant messages about a fake website that looks legitimate to enter credentials. Also, it is a form of social engineering.


  • SMS Phishing uses text messages to deliver the bait to divulge personal information. 
  • Smishing attacks typically invite the user to click a link, call a phone number, or contact an email address provided by the attacker via SMS message. 
  • The victim is then asked to provide sensitive information. Moreover, URLs may not be displayed properly on mobile browsers. Results in making it difficult to identify a genuine webpage.
  • As the use of mobile phones increased in the past few years, a malicious link sent via SMS can yield the same result as it would have via email.


  • Vishing is phishing over a voice call.
  • Not all attacks require a fake login website.
  • Text Messages that claim to be from a bank tell users to dial a number, if they want to resolve the issue with their bank account or need a discount on their credit card number.
  • When dialling the phone number, it asks users to enter their account number and PIN.
  • It may sometimes give fake caller-ID data to make it look like a legitimate one (in this case using Truecaller or any other application will work as bait).
If you encounter any number or email with these malicious activities, please report that email id or phone number using our contact us form.

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment