Cybersecurity Awareness: Protect Yourself from Scam Text Messages

Screenshot: Google.

Be wary of any links arriving via text message.

In March, 11.6 billion fraudulent text messages were sent to Americans, an increase of 30 percent from February. These scam text messages, called smishing (aka SMS Phishing), typically arrive via text message, though they can come through any messaging platform, such as WhatsApp or Instagram. The scams often come with a link attached, or they might ask for a direct response, but you would need to take some action to be affected by the attack. Receiving the message alone will not cause any damage.  

How to Identify Smishing 

Look out for these red flags to identify smishing: 

• Be suspicious of emails or calls that require "immediate action" or ask for personal information. 

• Scam texts usually have longer phone numbers with 10 digits or more. Authentic commercial entities generally send messages from four-, five- or six-digit numbers. 

• The message contains misspelled words or unusual spacing. 

• The message contains a reward (e.g., you won a gift card) or a warning (e.g., your payment declined).  

A reputable organization will rarely need to send you a message with a link embedded in it, so you can view such messages with suspicion. It's rarer still that these messages will appear out of nowhere — if they are authentic, they'll usually show up as you're trying to verify an account or making an inquiry or having an active conversation with someone. 

How to Protect Yourself 

The security advice for guarding against smishing is similar for protecting your accounts and devices against phishing attacks.  

• Keep your phone's software and web browser up to date. The current security features built into Android, iOS, Chrome and Safari will help protect your data. 

• If you are in any doubt about the legitimacy of a message, contact the sender directly. If you receive a text purporting to come from your bank, for example, contact the bank through official channels, rather than following the link that came through on the text.  

• Slow down. Don't rush to reply or click a link. Even typing "STOP" will indicate to a scammer that your phone number is active. 

Securing our campus community is an ongoing effort because cybercriminals continue to evolve their efforts. In this era of persistent cyber threats, our university can be secure only with the active participation of everyone.   

To learn more, visit the Cybersecurity Checklist.