With the booming popularity of smartphones, threats related to these devices are on the rise. Smishing, a combination of SMS (Short Message Service) and phishing, has emerged as a treacherous cyber threat used by malicious actors to deceive users, aiming to steal sensitive information or money, or to install malware on their mobile devices. Despite the increase in smishing attacks in recent years, there are very few studies aimed at understanding the factors that contribute to a user's ability to differentiate real from fake messages. To address this gap in knowledge, we have conducted an online survey on smishing detection with 187 participants. In this study, we presented them with 16 SMS screenshots and evaluated how different factors affect their decision-making process in smishing detection. Next, we conducted a post-survey to garner information on the participants' security attitudes, behavior and knowledge. Our results highlighted that attention and security behavioral scores had a significant impact on participants' accuracy in identifying smishing messages. We found that participants had more difficulty identifying real messages than fake ones, with an accuracy of 67.1% with fake messages and 43.6% with real messages. Our study is crucial in developing proactive strategies to counter and mitigate smishing attacks. By understanding what factors influence smishing detection, we aim to bolster users' resilience against such threats and create a safer digital environment for all.