Broker Check
How to Identify a Fake Text Message

How to Identify a Fake Text Message

March 26, 2024

A quick question:  how long does it take you to look at an email after you receive it?  Okay, now how about a text message?  For most of us, it’s no contest; we check our emails when we get around to it, but we’ll typically look at a text right away. 

That’s why you’re receiving a lot more marketing texts lately.  Companies have discovered that texts are a powerful way to reach customers and, more importantly, to get a response.  Unfortunately, scammers and hackers have learned this, too, so understanding how to identify a fake text message is a modern-day survival skill. 

Let’s explore six of the most common red flags that can help you separate scams from the real thing, as well as what to do if you receive a fake text message.

Why Scammers Have Turned to Text Messaging 

Marketing companies really, really love text messaging these days.  Why? Well, largely because almost all of us open a text — 98 percent, compared to 20 percent for marketing emails — and about 45 percent of us will respond, compared to 6 percent for emails.  The numbers vary slightly, depending on whose research you’re looking at, but overall, they’re very consistent. 

That’s also excellent news for scammers.  We’ve gotten pretty good at recognizing email phishing scams for the most part, and most of us know to be wary of links in emails, but we haven’t yet grown the same kind of mental armor where texts are concerned.  In fact, our immediate response to incoming texts is usually curiosity, as opposed to the eye-roll that often greets an incoming email. That creates a world of possibilities for scammers, especially given that legitimate organizations are also constantly testing new ways to interact with us by phone.   

How to Identify a Fake Text Message

When everybody and their proverbial dog is texting you with offers, updates, and information, how can you know what’s real and what’s dangerous? 

Well, there are often tell-tale signs that betray a fake text message. Let’s take a look at some of the big ones. 

#1 - It Seems Weirdly Random

Phishing messages, by their nature, are seldom targeted to you individually (it does happen, but it’s rare).  Instead, they’re sent out scattershot to thousands of people, on the basis that somebody’s bound to fall for it sooner or later.  This means that they’re often not applicable to you:  a message about your Apple account, perhaps, when you’re an Android and Windows user.  Those ones are easy to catch, and so are the ones that clearly know nothing about you (maybe a cat food offer, when you’re hideously allergic to pet dander and can’t have one).  

Sometimes it’s trickier, though.  If you got a “delivery failure notice” from the USPS you might click on it, just to see what’s going on, even if you weren’t expecting a package.  And if you received an authentication code for logging into one of your sites, when you’re not logging in personally, you might think someone was trying to hack your account.  In that case, randomness is actually the feature that drives the scam. 

#2 - It Urgently Demands Action Right Now!

This is a hallmark of just about every scam since the dawn of time.  There’s always, always a hugely urgent reason for you to act immediately.  Depending on the scam, it may come in the form of a carrot — a time-limited flash sale, a prize for the first handful to respond, etc. Or it may come in the form of a stick — “to avoid suspension of your account,” “if you did not request this password change,” “we have detected suspicious activity on your credit card” — to ensure that you react quickly. 

The psychology is simple, if we have to make a snap decision it’s more likely to be a wrong one. 

#3 - The Offer is Too Good to be True

Sadly greed (and the desire to get something for nothing) is a fundamental part of human nature, and all of us have at least a small streak of it in our makeup.  Scammers know this, and appeal to it pretty regularly.  Fake marketing messages with ridiculous markdowns are a common ploy, for example (no, you aren’t getting Louis Vuitton or a PS5 at that price). 

Those messages telling you you’ve won a contest you don’t remember entering are in the same category, and so is the “free gift just for responding.”  Like grandma said, if it’s too good to be true, it probably is. 

#4 - The Language is… Off

We all have “that one friend” whose spelling is hopeless and whose texts come out sounding like Yoda after too many drinks.  And that’s fine coming from a friend, but not in a text that supposedly comes from a legitimate business, financial institution, or maybe even a government agency.  In those cases, it’s a clear red flag that your text has been composed by a non-native English speaker, or possibly crudely auto-translated from another language. 

The rise of AI tools means that over the next few years, most scammers will be able to craft a persuasive message without knowing any English at all.  Even so, not all scammers have access to AI tools, and the tools themselves can spit out some clunky messages on occasion.  The bottom line is that incoherent messages will remain a reliable warning sign for a while. 

#5 - The Phone Number May Not Be in the Right Format

Take a look at the numbers your last several (non-friend) texts have come from.  A lot of the ones from businesses will show a 5- or 6-digit “short code,” rather than a regular phone number.  Those ones are usually fine:  there’s an organization that assigns them, and there’s a verification process, so those are usually valid (and you can look them up).  You might get spammed from a short code, but probably not scammed. 

Most other numbers will be in the familiar 10-digit format that’s standard in the US, as you’d expect from a sender that claims to be US-based.  Occasionally you’ll see numbers that are longer than 10 digits, or formatted differently.  Those you can assume are probably scammers, unless you’re legitimately dealing with overseas companies. 

#6 - There’s a Link In It

Okay, some legitimate senders will include a link in their text, but they’re a small percentage.  Phishing messages, on the other hand, almost always include a link.  You don’t need to be a math whiz to figure out that the odds are in favor of any text message with a link in it being a scam.

Protecting Yourself from Scam Texts

Protecting yourself against phishing texts is a lot like protecting yourself against phishing emails. 

  • Don’t click links in unsolicited texts
  • Don’t call any phone number in an unsolicited text
  • Don’t scan a QR code in an unsolicited text (that’s a new one that scammers are exploiting now)
  • Search the sender’s phone number.  Spokeo is a great resource  to see
    • a) if it’s legitimate, and
    • b) if the Phone Reputation Score shows a lot of complaints about it lately (sometimes scammers “spoof” a legitimate number, which causes a spike in complaints)

Those are just the starting points, of course.  Another very useful tactic is to visit the sites of organizations you actually deal with on a regular basis, and look for the discussion of scams and phishing on their support pages.  Frequently-impersonated businesses and government agencies including AmazonNetflixPaypalthe IRSthe SSA and the USPS all have pages that have spam text message examples or explain common scam messages, and tell you how to recognize them. 

Those are important, because knowing what the real organization will and won’t do is a valuable tool in recognizing scams.  If you already know that the IRS and USPS never send unsolicited texts, for example, it’s a no-brainer that the message you’re looking at is bogus. 

What to Do if You Receive a Phishing Text 

The quickest, simplest response to a fake text is simply to block the sender, delete the text, and forget about it.  Your phone and your carrier will offer several options for call/text blocking (methods will vary, but they’re easy to look up) and you can also install phone apps that provide varying degrees of screening and blocking for calls and texts. 

Many companies and government agencies provide you the option of forwarding the suspect text or sending them a screenshot, so they’ll have it on file.  It’s important for them to know which scams are making the rounds, and it may help others avoid the same scam.  You should also consider reporting it to the FTC’s Report Fraud website or the FBI’s Internet Crime Complaint Center (IC3), for the same reasons.  

Realistically it’s not exactly news that the internet is full of scammers who are out to get you, and knowing that they’re using text messages now doesn’t change the equation a whole lot.  There’s no magic to text messages, no “secret sauce” that makes them especially dangerous.  They work because people are less likely to be wary of a text than an email, period. So…be wary.  


Sources