The word smishing is a portmanteau of 'SMS' and 'phishing'. This type of scam uses text messaging or instant messaging like WhatsApp to trick you.

The goal of the cybercriminal can be to obtain your personal information, infect your device, or convince you to call a premium-rate number, among others.

To achieve this, as with email phishing attacks, scammers use social engineering to make you believe that you have received an urgent requirement from your bank, an offer that is too good to be true, or the prize for a contest you have not participated in.

What can I do to prevent these attacks?

  • Do not trust messages that try to convey urgency, warn you about any type of risk to your money or offer you special prizes or offers. 
  • Be cautious with the personal information you share. Remember that neither CaixaBank nor any other legitimate company or institution will ever ask you for the passwords to your digital banking. 
  • Do not click directly on SMS links. If the message contains a link, carefully check whether the website address is well written and whether it corresponds to the official page for the service in question. If you think the message may be legitimate, it is advisable that you access the links by typing the address directly into the browser bar. 
  • Some messages may contain shorter links than normal, which do not reveal information about their origin. In these cases, it is advisable to use free services such as You can see the real address the link leads to by copying and pasting the shortened version into this website.
  • Common sense and knowledge are your greatest ally against cybercriminals. Stay up-to-date on the latest techniques and types of fraud so that you can avoid scams and improve your digital security.