This is an old revision of the document!
Smishing (short for SMS Phishing) is a variant of phishing email scams that uses Short Message Service (SMS) systems to send out bogus text messages. Also written as SMiShing, SMS phishing made recent headlines when a vulnerability in the IPhone's SMS text messaging system was discovered that made smishing on the mobile device possible.
Smishing scams frequently seek to direct the text message recipient to visit a website or call a phone number. At which point, the person being scammed is enticed to provide sensitive information such as credit card details or passwords. Smishing websites are also known to attempt to infect the person's phone with Malware.
LUCY has a build in API which will connect to a centralized LUCY gateway when initializing SMS delivery. The gateway will first verify, if the LUCY client has sufficient credits and is allowed to send SMS. If all checks pass our gateway will connect to an international provider using a second API. This provider is able to send the messages with the settings defined in LUCY.
In order to use the smishing feature in LUCY, you need a:
a) commercial license and
b) sufficient balance
You can find your current credit under settings/licence:
In LUCY you have a button next to the balance which enables you to buy more credits directly within the LUCY GUI.
One sms usally costs between 3 and 9 cents. Here's the detailed pricing page (there is a selection for destination country): https://www.messagebird.com/en-us/pricing
Within the scenario (Base Settings –> Scenario Settings –> Message Settings) you can use as a delivery method either "mail" or "sms". Choose "SMS". As a sender you can put a name or phone number (use always the phone number with the country code: example 49 xxx). The actual phone number should have no "00" and "+" in front, i.e. 41796959611 (41 - Switzerland country code) and not 0041796959611 or +41796959611. See https://en.wikipedia.org/wiki/List_of_country_calling_codes
If the phone number is saved in the recipient's contacts, it will show the corresponding contact information upon arrival of the SMS.
Next, you will need to enter the phone number in your recipient's list. Don't forget to also set the correct language (the language should match the language chosen in General Settings (Base Settings –> Scenario settings –> Base Settings).
When you place the %link% variable within the message body and your scenario uses a public domain name, it will automatically be shortened. The link will look like "http://is.gd/9VjDKF” to fit into one text message. If you use an IP address for your landing page the link will be not shortened.