Putting links in SMS messages is just a terrible idea anyway.

We have to stop teaching users that it’s okay to click on links sent to them in an SMS – it’s so exploitable phishing attacks.

The SMS could very easily have read “Not quite sure about something on your bill? Search for the “Virgin Media Bill Explainer” or an alternative call to action (“Check your account page for our new Mobile Bill explainer”.

Just like unsolicited phone calls from your “bank” asking for personal information, SMS texts with links in them should be treated as spam/phishing. The only reason these are effective means of attack is that we keep teaching users that these are normal behaviours.