What attacks SmishAlert surfaces
Executive impersonation, payroll/HR fraud, credential harvesting, vendor impersonation, and coordinated campaigns.
SmishAlert surfaces the highest-leverage social engineering reaching employees in messaging channels:
- Executive impersonation — CEO/CFO/VP spoofs in SMS and chat requesting urgent wires, gift cards, or favors.
- Payroll & HR fraud — direct-deposit changes, benefits redirects, and W-2 lures targeting payroll and HR teams (highest loss per incident).
- Credential harvesting — fake MFA prompts, IT-help-desk lures, and Microsoft/Okta/Duo login spoofs.
- Vendor & partner impersonation — banking-detail and invoice-change requests that complete inside an existing trust boundary.
- Coordinated campaigns — the same attacker, infrastructure, and lure variant hitting many employees; correlated into one named campaign instead of scattered reports.
- Authority & brand spoofs — bank, IRS, USPS, and SaaS-platform impersonation on personal devices.
Each attack type is detailed on the marketing site under Solutions. To quantify your own exposure across these categories, run a 30-day exposure pilot—see the 30-day exposure pilot section.