A new text message scam is making the rounds, and it’s designed to make you panic. You may receive a message that looks like a security alert—something along the lines of a login attempt on your email or social media account. The message often includes a multi-factor authentication (MFA) code and a phone number to call if the login wasn’t initiated by you.
At first glance, this might look like a legitimate warning from a trusted service. But it’s not. This is a form of text message phishing known as smishing. The message doesn’t come from your email provider or social media platform—it comes from a cybercriminal. And the number included doesn’t lead to real customer support. If you call it, you’ll be speaking directly with a scammer.
Once they have you on the line, the attacker will try to convince you to share sensitive information like your username, password, or verification codes. With that information, they can take control of your accounts and potentially steal your identity or access your financial data.
How to Stay Safe:
Be skeptical of unexpected MFA codes. If you didn’t try to log in, don’t assume someone else did—this could be bait.
Don’t trust unknown phone numbers. If you need to contact support, visit the official website of the service and use the verified contact details.
Pause before you respond. Scammers rely on panic and urgency. Take a moment to assess the message before taking any action.
Always think before you click—or call. Staying calm and cautious is your best defense against scams like this.