“Your benefits have changed, click here now.”
If you got this text, would you click?
That’s exactly what scammers are counting on.
This type of attack is called smishing, short for “SMS phishing.” Scammers use text messages to trick you into clicking links or sharing sensitive information.
Recently, members of the Yale community have been targeted. Employees have received messages claiming to be about pay, compensation, or benefits.
Remember: Yale does not send compensation information via text and sends benefits information by text only to employees who opt in during annual benefits enrollment.
How to protect yourself:
- Pause before you click. Does this message make sense?
- Verify independently. Use a trusted Yale contact, not the number in the text.
- Watch for red flags. Urgent language, unexpected links, or unknown numbers.
- Ignore it or report it. Doing nothing is better than clicking. Reporting is your best option. Contact information.security@yale.edu with details of the message.
Take action:
Build your confidence spotting scams by:
- Completing the Click with Caution training module
- Exploring the Click with Caution webpage for real examples and practical tips
Ready to Learn More?
Take the next step in protecting your personal identity during our spring challenge.
Protect It Because It’s All Connected runs April 20–24.
- Learn more and sign up for the challenge
- Join The Hive: Yale’s Cyber Buzz to build cybersecurity know-how alongside others in the Yale community. You’ll enjoy tips, activities, and resources to help you stay cyber smart at Yale and at home.