Skip to content

SMS phishing scams bite, but businesses can make things right

Photo of Andrew Fry, VP of Asia

Andrew Fry

VP Asia

Share this
15 Mar 2022
4 min read

Follow these 6 industry best practices to safeguard your customers

business owner tackling sms phishing scams and safeguarding their customers with industry best practices

Phishing scammers are the problem, not SMS

Short message service (SMS) phishing scams might have stolen the spotlight in Singapore, but don’t be in a hurry to ditch SMS marketing. 

Today, SMS is still a communications heavyweight – it remains the most direct and effective marketing channel compared to email, tweets, and Facebook posts. SMS messages boast incredibly high open rates of an estimated 98%. It gets even better when SMS messages are combined with rich, personalised landing pages, which boosts call-to-action and response rates as high as 88%, according to Whispir’s research. 

Such numbers testify to the power of SMS. However, this power can be damaging when abused by fraudulent activity through fake SMS. There may be a tendency for organisations to pause SMS-based digital engagement when they are unsure how to adequately protect their messaging, leading to poorer engagement and business outcomes. 

Forward-looking organisations know there has to be a better way. Everyone’s asking the same question: Can we avoid SMS scams while keeping our brand protected and continuing to improve customer experience? The answer is yes.

Customer trust should take top priority

To ensure your customers can trust the messages you send them and know that these messages are from your business, it’s recommended to protect your SMS sender ID. 

A sender ID is a unique name or standard mobile number that shows in the “from” field of your text messages on the mobile phone. Most companies use SMS masking, so a “text header” (or sender ID), instead of a long phone number, is shown on the “from” field of the mobile phone.

Singapore has rolled out its own SMS SenderID Protection Registry to proactively identify and block messages that do not match registry records. The goal is to establish authentic messaging from trusted organisations, allowing continued high-quality digital experiences to be delivered safely.   

6 industry best practices for sustained results

Your SMS marketing strategy needs to stay vigilant and adaptive on the mobile digital experience front. If you’re concerned about how to continue using SMS in your business, here are six industry best practices you can implement immediately to better safeguard your customers when sending SMS messages to them. 

  • When using a web link, enable Transport Layer Security (TLS) encryption

Doing this protects the message in transit. Visually, it also adds legitimacy to your weblink and assures end-users. The “lock icon,” which will be visible in the address bar, signifies to your users that your website is secure and reliable, and differentiates your site from phishing websites and other malicious websites. For SSL certificate, an encryption should be achieved with branded SSL certs like Comodo SSL, Sectigo SSL etc. All these SSL brands are having the latest encryption standards.

At the same time, TLS encryption helps keep customers’ personal information confidential while providing an additional layer of identity authentication.

These features are especially crucial to companies that would be significantly impacted if they were to eliminate clickable links from their SMS.

  • Ensure your URL is fully visible with your business web domain

Being forthcoming and ensuring full visibility of your URL shows that you have nothing to hide, which fosters trust with your customers when clicking links. 

Avoid using third-party URL shorteners or redirecting users to third-party websites because that diminishes your link as a legitimate source.

  • Don’t request sensitive information over SMS

It’s best not to request sensitive data such as personal details or bank account numbers over SMS.

  • Combine SMS with at least one other communication channel

Remember that SMS text messages are most effective when used complementarily with other communications channels. We recommend combining at least two channels when communicating with customers. For instance, you could send out your communications via SMS and email or WhatsApp.

Personalising messages with the end-user’s name conveys familiarisation and a trusted source.

You could also share official contact information for better authenticity, such as your company’s official website, customer service contact number, or company name. 

  • Explore WhatsApp or app-based push notifications

Alternatively, you could benefit from WhatsApp or app-based push notification messaging capabilities, which are less likely to be spoofed by scammers.

With great power comes great responsibility

Your customers trust you to do right by them – it’s a huge responsibility, but you don’t have to shoulder it alone. Why not partner up with someone who can help you instil confidence in your customers? Whispir can help. 

Whispir has worked with countless organisations worldwide, from enterprises to small and medium businesses, to help them foster a secure and seamless digital communications journey – across multiple channels. We are passionate about using our business communication tools to elevate how you interact and connect with your customers, and we can help create a digital engagement solution that works for you, ready for immediate deployment.

Learn more about how our digital communications software can help you make the most of SMS marketing and beyond.

Share this

We'll show you how it all works

If you’d like to see how easy Whispir makes message building, we’d be happy to walk you through a demonstration.