Chapter 04

Safeguard your customers – and your brand

The digital world can be a dangerous place. From individuals with malicious intent to entire operations focused on phishing, bad actors want access to your customers’ accounts and personal data.

The right digital communications are at the frontlines of the fight to protect your customers, applications, and brand. Find out how account verification, fraud alerts, and other messages increase trust and keep people safe.
Read the chapter
Image for Safeguard your customers – and your brand

Using digital communications for a safer customer experience

Are you doing enough to keep customer accounts safe from cybersecurity risks? Sinch experts explain how messages that verify account ownership stop fraud in its tracks and keep customer engagements flowing.

The state of customer communications - Pillar 3: Safe
80%

of phishing scams aim to steal user credentials often using fake login pages.*

77%

of AI voice cloning attacks are successful in getting money from victims.**

90%

of phishing attempts sent through OTT messaging applications occur on WhatsApp (not necessarily WhatsApp for business).***

84%

of Americans believe the companies they do business with are responsible for their digital privacy.****


Are bad actors impersonating your brand?

Every day, billions of fake messages aim to deceive people who trust the brands they do business with. Phishing, smishing (SMS phishing), and vishing (voice phishing) often impersonate familiar companies to trick consumers into giving up credentials for account access.

Many attackers will use multiple channels (email, voice, and text) to carry out their complex and very convincing scams.

These statistics from the cybersecurity industry illustrate the magnitude of the problem. But there’s good news…

The same communication channels the bad guys use for their shady schemes can be used to keep your customers safe.

* HoxHunt research
** McAfee research
*** Kaspersky research
**** Telesign Trust Index

Account verification messages add protection

The days of logging in with nothing more than a username and password have come to an end. And most people appreciate that.

Extra steps to verify ownership of an account are obviously needed to protect sensitive financial and medical information. However, many consumers also want these protections for other online accounts and applications.

Even though it can be a hassle, our research found most consumers believe those extra steps either make them feel safer (49%) or are a necessary inconvenience (27%).

One of the fastest and most convenient ways to deliver multi-factor authentication (MFA) messages like one-time passwords (OTPs) is with a text message sent directly to the user’s smartphone. But texting isn’t the only effective verification method.

Everything You Need to Know About Flash Call in 3 Minutes

Flash calls for fast and efficient verification

A flash call lets your users verify their identity as the account owner without ever answering the phone. In some cases, flash calls may also be a more cost-effective solution than sending an SMS verification. Watch Sinch’s Lee Suker explain how this innovation works.

Is there a “safest” communication channel?

Organizations spend plenty of time and money educating their employees on the risks of phishing. Consumers don’t often get that education – and survey results reflect that.

When asked to choose the channel they thought would be least likely to be used for phishing attempts, nearly 35% selected email.

Unfortunately, email is actually the most popular threat vector among bad actors with approximately 3.4 billion phishing emails sent daily. No channel is 100% safe.

Around 27% of consumers chose in-app notifications, which are certainly safer. However, in-app messages are only available once you’re logged into an application.

Just 4% of respondents selected RCS. But they may not realize the truth. This emerging form of messaging has significant safety benefits thanks to visual indicators that come only from verified senders.

What is email authentication? The secret handshake that gets you to the inbox

Email authentication for safer inboxes

The most effective way to thwart phishing attempts via the email channel is with strong, properly configured email authentication protocols. They include:

• Sender Policy Framework (SPF)
• DomainKeys Identified Mail (DKIM)
• Domain-based Message Authentication, Reporting and Conformance (DMARC)

These technical specifications are DNS records that help mailbox providers verify whether an email is coming from a legitimate sender/source or if they could be malicious.

Watch Sinch Mailgun’s Jonathan Torres explain how the three protocols work together.

The need for DMARC adoption

While nearly everyone uses SPF and DKIM, major mailbox providers recently introduced a requirement that all bulk senders use DMARC as well. That’s because it is the best way to keep others from using your domain to send email.

Sinch Mailgun’s State of email deliverability 2025 report found an 11% increase in DMARC adoption. However, 18% of those surveyed still aren’t using DMARC, and another 28% are unsure.

Even among senders who are using DMARC, many have yet to implement a policy to either quarantine or reject emails that fail to pass authentication. Weak email authentication leaves an opening for bad actors to infiltrate inboxes.

Do real messages ever seem phishy?

As consumers become more aware of the risks of phishing, they may also become wary of interacting with valid customer communications. That’s especially true if they’ve been the victim of identity theft.

When asked if they could recall receiving a legitimate message from a brand that they found suspicious, nearly 53% of consumers said they’d had the experience in the last year. Another 21% were unsure.

That could be a problem. If you want customers to engage with your marketing messages or take other actions, you need them to trust that what you’re sending is safe.

Deliver trustworthy mobile messages with RCS

RCS for Business messages include an official logo and checkmark. These visual indicators not only support branding, but they also serve as a sign that the message came from a verified sender. This involves a third-party review to confirm you are a legitimate business that is allowed to send RCS business messages.

Nearly 42% of consumers said these elements make it more likely they’d see the message as safe. Another 37% said they’d feel somewhat safer.

Younger consumers place even more trust in logos and checkmarks. Generation Z (71%) and millennials (59%) were more likely to view these messages as safe.

Keep in mind, RCS messages are encrypted during transit but only provide end-to-end encryption (EE2E) through peer-to-peer (P2P) Google Messages. Consumers who require more privacy may prefer other messaging applications, like WhatsApp, which does offer EE2E. Similar to RCS, the WhatsApp Business API also provides verified business accounts with checkmarks to increase trust.

SAFE

Mobile messaging showdown

While a simple text may be enough to deliver an account verification to a customer’s smartphone, rich features add an extra layer of trust and convenience. This could be especially important when accessing financial accounts. We asked consumers to select the text they found to be the most trustworthy.

• A basic SMS verification
• An SMS verification personalized with a name
• An RCS message with trust marks and buttons

The RCS message once again came out on top. 59% of consumers preferred this type of verification message while around 20% of them chose one of the SMS options. Just don’t forget – RCS messages can also be personalized. 

Image for Mobile messaging showdown

safe financial services

Fraud alerts and speedy delivery

In Chapter 3, we learned that 74% of consumers view fraud alert notifications as “very important.” That’s the highest of any type of customer update featured in our survey.

Fraud alert messages also help keep consumers’ personal finances safe. To do that, the message needs to arrive in a timely manner. How timely? ASAP according to most people.

More than 72% of respondents expect these notifications to show up immediately after fraudulent activity is detected. Nearly 15% expect the alert to arrive within five minutes. Altogether, that’s 87% who expect a fast response to potential fraud.

Because time is of the essence, the speediness and potential reach of text messaging makes it the ideal channel for fraud alerts.

Preferred channels to follow up on fraud alerts

After potential fraud is detected, consumers need to take action to either confirm or deny the activity and take steps to protect their accounts if necessary.

Voice is the preferred channel for resolving these situations, as 46% of consumers want to make a phone call. However, 20% would continue the conversation on their text messaging application.

16% want to handle this type of communication by logging into a client portal or application. This also might be the first place they go to investigate what’s happening.

Email proved to be far less popular for this purpose compared to other situations. The channel is likely too slow for communications about fraud.

safe healthcare

Protecting patient privacy

Close to half of the consumers in our survey (49%) indicated they’ve felt concerned about their privacy when discussing health needs over common channels like email, text, and voice.

In this situation, a patient portal offers a sense of security for communicating sensitive matters. Nearly one-third of consumers chose the patient portal as ideal for privacy, while 31% would prefer phone calls and 25% chose email.

Of course, it is often channels like email and text messaging that notify patients when there’s a new message for them in the patient portal. Plus, when it’s time to log in to a patient portal, or you need to reset a password, other communication channels are needed to make that happen. Those messages are also designed to protect the patient portal and the sensitive data inside.

safe retail

Staying informed to stay safe

Digital customer communications can even bridge the gap and support safety in the physical world. Delivery notifications are the perfect example – they help keep consumers’ online orders safe.

Close to 73% of consumers believe timely delivery notifications help prevent packages from being stolen.

Whether it’s a food delivery or gifts for the holiday season, people want to be notified as soon as what they’re expecting arrives. This could mean integrating key customer communications with shipping and logistics management systems.

Safe customer communications backed by strong security

Verification API

Protect your users while making it easy for them to sign up and log in to your application.

Sinch helps you enhance app security with scalable solutions and a single API.

Verify users via SMS, Sinch Flash Call™, data verification, or phone calls.
Get started

Trustworthy RCS

While RCS messages offer engaging experiences, they also help recipients feel safe.

Find out how to register as a verified sender so your texts show up with an official logo and checkmark.

Increase customer trust and choose an innovative way to communicate.
Get started

Secure partnerships

Sinch and its family of brands take security very seriously.

We know that protecting our platforms keeps you and your customers safe as well.

Discover the details of our security certifications and the steps we take to safely store data.
Learn more
Master informational customer communications Chapter 03 Master informational customer communications Make customers happy (even after the sale) Chapter 05 Make customers happy (even after the sale)