Is a text saying I have an unread voicemail and to click a link a scam?
Yes. Texts with voicemail notification links are a widespread phishing method — the link leads to a credential-stealing page or malware download.
Last reviewed: 1 June 2026
Explanation
Fake voicemail notification SMS messages are a well-documented phishing method called 'smishing'. The message mimics notifications from network carriers, Google Voice, or iPhone voicemail. The link does not play a voicemail — it opens a page that imitates a login screen to steal your Apple ID, Google account, or mobile carrier credentials. On Android, some variants attempt to install malware disguised as a voicemail app. Genuine voicemail notifications from your carrier do not require you to log in via a link in an SMS; you access them through your phone's built-in dialler.
Common red flags
- SMS voicemail notification from an unknown sender or short code
- Link domain does not match your carrier's official domain
- Page asks for account login after clicking
- Device prompts you to install an app to hear the voicemail
What to do now
- Do not click the link — delete the message
- Access voicemail through your phone's dialler or official carrier app
- If you clicked and entered credentials, change passwords immediately
- Report smishing to your carrier by forwarding to 7726 (UK/US)
Frequently asked questions
Can clicking the link without entering anything cause harm?
On some devices, visiting a malicious URL can trigger automatic downloads, especially on older Android versions. Avoid clicking even to 'just look'.