The platform
The system of record for social engineering reaching your workforce.
SmishAlert is built around three jobs: capture every suspicious message your employees see, correlate them into campaigns, and produce evidence your team can defend in a board review or audit.
Capture
- iOS: native Message Filtering extension for SMS and iMessage — on-device, MDM-deployable, no carrier forwarding
- Android: enterprise app distributed via MDM with in-app reporting, Share Sheet, and screenshot upload (filter parity tracks platform APIs)
- Employee-initiated reporting on both platforms — Report Junk, Share Sheet, screenshot upload, in-app
Correlate
- Fingerprint-grade telemetry that links lookalike messages across employees and devices
- Campaign clustering that surfaces multi-employee, multi-channel waves
- Workforce-mode coverage of every unknown sender across the managed fleet — not just what employees voluntarily report
Report
- Web admin dashboard for SecOps day-to-day
- Executive PDF readout for board and audit committee
- SIEM/SOAR routing on Standard+ for teams that want signal in their stack
Privacy & deployment
Two modes. The buyer picks. No surprises in procurement.
SmishAlert runs in Personal mode (on-device only, we see only what employees explicitly report) or Workforce mode (every unknown SMS / iMessage reviewed across the managed iOS fleet, with Android employees reporting into the same dashboard — the system-of-record the exposure pilot is built for). The choice is made at deployment, surfaced in the admin console, and what procurement reviews is what users experience on day one.
Each mode's data flow is spelled out on the Trust page.
FAQ
Questions security leaders ask
How do I measure my workforce's exposure to social engineering?
Book a scoping call and run the SmishAlert 30-day exposure pilot. We deploy our iOS app to 25–100 of your employees, capture every suspicious message they report, correlate the reports into named campaigns, and end with an executive-grade findings report your CEO and board will read. $2,500 for up to 50 users, credited toward an annual subscription if you move forward.
What's the difference between SmishAlert and a secure email gateway (SEG)?
Your SEG inspects email. SmishAlert is the system of record for the social engineering reaching your employees in SMS, iMessage, and chat — channels your SEG never sees. We don't replace your email security; we add the missing visibility for the messaging-channel attack surface that's now where the highest-leverage attacks land first.
What does the SmishAlert 30-day exposure pilot include?
Deployment of the SmishAlert mobile app across 25–100 enrolled users, a reporting portal with classified and correlated message data, a 60-minute executive readout call, a written findings report (branded for your leadership team), and a vertical-specific threat intelligence summary. Pricing is $2,500 for up to 50 users or $5,000 for 51–100 users.
Can SmishAlert deploy across a managed iOS and Android fleet via MDM?
Yes. SmishAlert ships native apps for iOS and Android, both MDM-deployable via Jamf, Addigy, Intune, or any provider that supports iOS Message Filtering extensions and Android Enterprise. On iOS we capture every unknown SMS / iMessage via the Message Filter extension; on Android employees report into the same Workforce-mode dashboard via Share Sheet, in-app, and screenshot upload (filter parity on Android tracks platform APIs). The pilot lands cleanly across a 25–100-user MDM-pushed deployment in a single week.
How is the pilot fee credited toward a subscription?
100% of the pilot fee is credited toward your first year of an annual SmishAlert subscription if you move forward after the executive readout. Subscription pricing is scoped during the readout — typical deployments are $4.99–$7.99 per user per month annual, with a $1,500 monthly minimum.
Who is SmishAlert built for?
Security leaders at 200–2,500-employee organizations in healthcare, financial services, professional services, and HR/payroll — verticals where impersonation, payroll fraud, and credential harvesting cost real money and where the buyer needs a defensible number for the board.
Start measuring
See the platform on your own workforce.
A 30-minute scoping call. A 30-day pilot. A report your CEO will read.
Or take the 2-minute self-evaluation — no email required.