‘Smishing’ is a new term to hit the net, to describe an ‘attack’ where malformed links are sent to unsuspecting texters, enticing them to click with often perilous results.
A smishing attack is similar to that of a XSS or Cross Site Scripting flaw, in the sense that it takes user interaction to initiate the attack and deliver the payload. The result can be authorization credentials being transferred from one entity to the next, or something so innocuous as a silent Facebook post proclaiming proudly ‘I love buttsecks’
There is not a ‘patch’ so to speak to curb this issue, however, the user can be ‘patched’ and conditioned to not click unsolicited links. This is akin to not answering the guy shouting ‘Hey baby, what’s yo number??’ which, historically, has never ended well, either.