If you haven’t already, you will receive text messages that entice you to respond. Some of the messages contain links that can infect your phone with spyware and other malicious programs.

Before you click a link, follow instructions, or consider believing a text message, look at the sender’s phone number.

Major organizations do not text you from a phone number; they use an SMS Short Code. The code is five to eight digits long and is much more difficult for attackers to spoof.

See if you can figure out which of these messages is fake:

Sender: 59569
Thank you for joining Target Circle! Reply STOP to unsubscribe

Sender: 26096
Use verification code 908197 for Microsoft Authentication

Sender: 754-555-1279
Your credit card is suspended due to fraudulent activity. Proceed immediately to HTTPS://…

Sender: 14105550009
Did you claim your gift from ATT? Hurry up! HTTP://…

You’re right. The third and fourth messages are fake, and less aware users who follow the link are likely to experience a cybersecurity event they might not recognize. Attackers could install malware that will spy on their phone, download contact lists, record conversations, and more. The link could take them to a fake login screen for their bank. The screen will look perfectly accurate and ask them to reset their password. The trusting phone owner will enter their old password when prompted. They might install an app that can attempt to access the smart devices in their home to gather personal information. You get the idea.

Please forward this to your friends so that they can keep an eye out for the SMS Short Codes and know those are more difficult for attackers to spoof. They’ll know to be suspicious of messages that claim to be a major organization but come from what looks like a phone number.