The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Text Messages from Microsoft – Genuine or Phishing?

Download Windows Speedup Tool to fix errors and make PC run faster

If you receive text messages from Microsoft, they could be genuine, or they could be some kind of phishing attempt. We’ll discuss both in this post about why Microsoft is texting you. With text messaging becoming so popular, scams involving SMSs had to appear! Smishing is a term coined from Short Message Service (SMS) and Phishing. Let us find out!

Why is Microsoft texting me?

Why is Microsoft texting me

If the text message contains a link, beware. It could be a phishing attempt, as explained in the next section. But if it contains numbers or alphanumeric characters, it could be a genuine one-time password or something that tries to identify if you are really trying to log into your Microsoft account.

Accounts that have a two-step-verification setup get text messages containing information that will help you complete the login process. Such messages seldom contain any link. If you see a shortened link in the account verification message, it should take you to a knowledge base article or open the Microsoft support page. Just don’t click on the link without knowing where the link leads to. There are URL expanders that help you see where a shortened link (bit.ly, ms.ft, or goo.gl) leads to.

Besides OTP (one-time password), Microsoft may text you to:

  1. Inform you that you logged in successfully, in case it suspects unauthorized logins so that you can prevent your account from being stolen
  2. Tell you that someone is trying to log into your account; this happens when there is a significant difference in area codes; there are false positives too, sometimes, so you need not to worry; if you receive similar messages every day, contact Microsoft Support
  3. Tell you that someone is trying to log into your account using a new browser/device; again, there can be false positives, but it is better to know that Microsoft is caring for your login information and thereby securing your data

The above could be some reasons why Microsoft is texting you. If you do not wish to receive OTP every time you log in, you may use the Microsoft Authenticator app.

Read: Identify & avoid scams that fraudulently use the Microsoft name.

Earlier, the hackers had only computers and related peripherals to attack. With smartphones, it has become easier to cheat people. You just received a message from something like XX-MSFT containing a link asking to be clicked. What would you do in case of emails if you are not sure if they are genuine? You will not click the link in the email.

You will log into your Microsoft account and navigate the pages mentioned in the email. If the pages are not there, you delete the email instead of trying to reach Microsoft using the links specified in the email.

The same applies here, in the case of text messages. The origin of the messages cannot be confirmed as there won’t be a valid number but just a name that says or relates to Microsoft. If there is no way you can validate the number or the contact name, never click any links because the links in smartphones will be shortened links like goo.gl or bit.ly. They cause damage to your device if the link turns out to be a fake one.

TIP: Never click any link in a text message from anyone if you don’t know where it leads.

ArunKumar@TWC

Arun Kumar has been a Microsoft MVP (2010-12). He is obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Live Chat Button