Why is AT&T NOT blocking Obvious Phishing Text Messages?!?
EVERY day I receive at least one "SMSishing" (phishing via text) message that reads exactly the same:
"ATTFree Msg: December bill is paid. Thanks, Here's a little gift for you:", followed by a dynamic URL link ([dot].info/).
These are obviously malicious links and/or scams, so why does AT&T, who processes and routes every text that comes to my device, not conducting a very simple scan for the clear text phrase "ATTFree Msg", and blocking these? These texts are clearly a reputational risk to AT&T due to the AT&T fraud, and a cyber risk to their customers. I have blocked over 20 different phone numbers listed as the source of these texts, but those numbers are simply Caller ID spoofed anyway, so that's a losing battle. I cannot block all unknown numbers, because legitimate two factor authentication mechanisms, including AT&T's own account access system, send one-time codes from generic (typically 6 character) caller IDs.
Note: your FAQ states to "Forward the suspicious text to us at 7726.". Users cannot easily forward a text message, and not without risk of inadvertently clicking the malicious link. No, I'm not going to take screenshots, then create a new text message, send a picture, etc.
Hey AT&T Wireless: this is BASIC wireless security, affecting not just us, but you. Up your cybersecurity-it's 2022. It's much easier for you to monitor and detect this malicious activity, than for your paying customers to bear this burden and responsibility, let alone that approach be at all effective. The fact that every one of these is impersonating you, and you are the primary path of their attack vector is unbelievable.