NSW Department of Education
Learning resources

Phishing, Smishing and Vishing

For teachers
For parents
For students

Key message

Learn to protect yourself from a phishing, smishing or vishing attack


Phishing is the name given to email scams that focus on getting your personal details, with the end goal of being able to impersonate you online. The impersonator (actor), can use your identity to commit fraudulent activities such as stealing your information or your money.


Cyber safety is a need in the digital age. Organisations around the world are being hit by spams and scams. Some steal money, others your identity. Smishing is one such scam. It is a Phishing scam that gets delivered via mobile phone text message (SMS). It might have links in it that take you to a malicious website and request you to fill in sensitive personal information such as your bank account number. As more and more people use their personal smartphones for work, smishing is becoming a business threat as well as a consumer threat.


Vishing stands for voice phishing. This is when cybercriminals use social engineering tactics to convince you to act, giving up private information and/or access to bank accounts. They try to convince you to respond. Often the caller will pretend to be calling from the government, tax department, police, or the victim’s bank.

Once they have this information they can proceed to commit further crimes. For example, the cybercriminal may drain the victim’s bank account, commit identity theft, and use the victim’s credit card details to make unauthorized purchases, and then email the victim’s colleagues in hopes of tricking someone into giving up confidential work information. Some common Vishing techniques are:

  • Wardialing
  • Caller ID spoofing
  • Spear Vishing

It has never been more important to learn how to avoid being 'vished' and be cyber aware.

Curriculum and syllabus links

Need help?