Share
SMISHING THREAT REPORT

The Samsung Messages shutdown is real. The "click here to switch" text is a scam

Samsung Messages is being discontinued on July 6, 2026 in the US, and Samsung is moving people to Google Messages. Scammers are using the confusion to send fake "verify your account" and "your messages will be lost, migrate now" texts and emails with links. Samsung's real notice lives inside the app and never contains a link. Here is how to tell them apart.

SafeBrowz Threat Research Security ResearchJuly 2, 20269 min read

Is the Samsung Messages "switch now" text real?

Verdict: no. Any text or email about the Samsung Messages shutdown that contains a link and asks you to "verify", "migrate", or "complete the switch" is a phishing scam. The shutdown itself is genuine: Samsung is retiring the Samsung Messages app on July 6, 2026 for US users and moving them to Google Messages. But Samsung's real notice appears inside the app, and it never sends a standalone text with a link, and never asks for your password, a login, a payment, or a verification code. If you got a link, do not tap it. Switch by opening Google Messages from the Play Store yourself, or follow your phone's built-in prompt in Settings.

Why this is spreading now

Samsung confirmed that Samsung Messages will be discontinued in July 2026 for customers in the United States, with the app stopping on July 6, 2026 (Samsung; Techlicious, 2026). Newer Galaxy phones already ship with Google Messages as the default, and existing conversations transfer automatically when you switch, though a large message history can take up to 24 hours to move over. Forbes reported Samsung setting a firm deadline and pushing users to "upgrade" to Google Messages (Zak Doffman, April 2026), and Android Central covered the shutdown date and the alternatives. That is exactly the kind of real, widely-reported change scammers love. Fox News and CyberGuy (Kurt Knutsson) warned that fraudsters are already exploiting it, because Samsung does not normally text you a link to change apps, which leaves a gap a fake message can slip into. This is a variant of a scam that already hit Samsung owners: in late 2025 a fake "Samsung Members" verification message threatened a $500 fine to pressure people into a link (Android Authority; PiunikaWeb, 2025).

What the scam looks like

It arrives as a text message, and sometimes an email. The sender is dressed up to look official: "Samsung", "Samsung Support", "Galaxy Messages", or even "Google Messages Migration". The wording plays directly off the headlines people have been reading.

The script is always some flavor of urgency plus a link. "Your Samsung Messages account must be verified before July 6 or your texts will be permanently deleted." "Action required: complete your migration to Google Messages now." "Confirm your account to keep your message history." Then a button or a shortened link. Tap it and you land on a page that looks like a Samsung or Google sign-in, a "migration" form, or an app-download prompt.

From there it splits two ways. The credential-harvest version asks you to log in with your Samsung account or Google account, and whatever you type goes to the attacker, who then tries to take over the account in real time, including any two-factor code you enter. The malware version pushes you to "install the new messaging app" as a file you sideload outside the Play Store, which is really an Android banking trojan or SMS-stealer, the same trick behind the fake bank app APK scam. Higher-effort versions ask for your date of birth, card details for a fake "migration fee", or a verification code they are using to break into your account at that moment.

The fake addresses to watch for

Samsung's real messaging help lives on samsung.com, and Google Messages lives on messages.google.com and in the Google Play Store at play.google.com. Samsung does not run the switch through a separate "migrate" or "verify" website, and it will never text you one. The hosts below are illustrative lookalike patterns, not live sites, to show the shape the scam reuses.

  • samsung-switch[.]top (Samsung does not host the migration on a separate "switch" domain)
  • galaxy-messages-migrate[.]online (a "migrate" host on a cheap TLD is not Samsung or Google)
  • samsung-account-verify[.]info (a standalone "verify" domain is a classic phishing tell)
  • google-messages-setup[.]app (Google Messages is only on messages.google.com and the Play Store)

A 2026 twist makes the address harder to read on a phone. Attackers hide the link behind a URL shortener, or host the fake page on a trusted cloud platform, so the sender and the first few characters look clean. On a small screen the full domain is easy to miss. The look of the page is not the thing to trust. The registered domain in the address bar is.

๐Ÿ›ก LIVE CHECK

Check a suspicious link right now

Got a "switch to Google Messages" or "verify your Samsung account" link and not sure about it? Paste it below. Our 3-layer engine (Local + APIs + AI) follows the link, reads the page it lands on, and returns a verdict in about three seconds. Free, no signup.

Full scan with deep AI analysis โ†’ ยท No URL is logged to your identity.

How the real Samsung Messages switch actually works

Knowing the genuine process is the fastest way to spot the fake. A few facts the scam relies on you not knowing.

The real notice is in the app, not in a text. Samsung surfaces the shutdown and the prompt to switch inside Samsung Messages itself and in your phone's Settings. It does not send you a standalone SMS with a link asking you to act. If a message about the switch arrives with a link, that alone tells you it is not from Samsung.

Your messages transfer automatically, for free. When you move to Google Messages, your existing conversations transfer on their own, and there is nothing to pay and no account to "reactivate". Any message that threatens your texts will be "permanently deleted" unless you pay or verify is inventing a problem that does not exist. Large histories can take up to 24 hours to finish moving, which is a reason to switch early, not a reason to click a link.

You start the switch yourself. The safe way is to open the Google Play Store, install or open Google Messages, and set it as your default SMS app, or follow the prompt your phone shows in Settings. You never need an outside website, and you never need to enter your Samsung or Google password on a page you reached from a message. This shutdown only affects US users on Android 12 and higher where Samsung Messages is the default app; phones on Android 11 or lower are not affected.

How SafeBrowz catches the fake migration page

The text is the bait, but the damage happens on the page it opens. That is the layer a detection engine can break. Here is what SafeBrowz does with the lookalike address when you open or paste it, using its 3-layer detection (Local + APIs + AI).

  • Layer 1, local detection, runs inside the browser with 60+ URL pattern signatures and 550+ brand signatures. It resolves the final landing host and checks whether a known brand, here Samsung or Google, is appearing on a domain that is not their official one. A page that imitates a Samsung or Google sign-in while sitting on a "-migrate" or "-verify" domain is flagged content-free, before the login form even finishes rendering. The clone does not have to fool anything. The mismatch between the brand and a non-official domain is enough.
  • Layer 2, reputation and API checks, aggregates threat intelligence including Google Safe Browsing, PhishTank, URLhaus, ScamAdviser, and scam-TLD signals, so a lookalike someone else has already reported is caught on reputation alone.
  • Layer 3, AI content analysis via our proxy (Premium), reads the live page in 100+ languages and recognizes a login-and-credential-capture or fake app-download layout impersonating a brand. This is what flags a brand-new clone that no blocklist has seen yet, the moment it loads, including pages hidden on trusted cloud hosts.

Honest scope: SafeBrowz flags the fake Samsung or Google page before you type into it or download from it, which is the right place to stop this. It cannot pull back a password or a code you have already submitted, or uninstall an APK you already sideloaded, which is why the human habit, never switching apps from a text link, sits alongside the engine. The free browser extension does this on desktop, and the SafeBrowz Android app on Google Play applies the same engine to links you open on your phone, where every one of these messages is read.

Detection signatures come from threat-intelligence research and our internal brand database, not from user browsing data. SafeBrowz does not store per-user browsing history.

Red flags: when a Samsung Messages message is a scam

  • It contains a link. Samsung's real shutdown notice is in the app and in Settings, never a standalone text with a link to click.
  • It sets a deadline or threatens your data. "Verify before July 6 or lose your texts" is manufactured urgency. Your messages transfer automatically and for free.
  • It asks for a password, login, or verification code. The genuine switch never asks you to sign in on a website or hand over a one-time code.
  • It asks for a payment or "migration fee". Moving to Google Messages costs nothing. Any fee is a scam.
  • It tells you to install an app from a link or a file. The only safe source for Google Messages is the Google Play Store, not a sideloaded APK from a text.
  • The sender or link domain is not Samsung or Google. Extra words, hyphens, or an odd ending like .top, .online, or .info are a tell.

Any one of these is reason to stop. The same instinct protects you from the everyday smishing texts that pretend to be a service you use and from the fake delivery texts that run on the exact same urgency-plus-link formula.

What to do right now

  1. Do not tap the link, and do not reply. Replying tells the scammer your number is live and worth another try.
  2. Check inside the app instead. Open Samsung Messages and your phone's Settings. The genuine shutdown prompt and switch guidance appear there. Nothing in the message app means the text was fake.
  3. Switch the safe way. Open the Google Play Store, install or open Google Messages, and set it as your default SMS app. Your conversations move over automatically, no website and no login required.
  4. Never enter your password or a code from a message link. Read the domain in the address bar before you type anything, and only use samsung.com, messages.google.com, or the Play Store.
  5. Do not install any messaging app from a link or file. Only the Google Play Store. If a page tells you to enable "unknown sources" to install, close it.
  6. Report it. In the US, forward the scam text to 7726 (SPAM) so your carrier can block the number, and report to the FTC at reportfraud.ftc.gov and the FBI at ic3.gov. Then delete it.
  7. If you already entered your details or installed the app, change your Samsung and Google passwords from a device you trust, turn on two-factor authentication, remove any app you sideloaded, and watch for unexpected logins or texts sent from your number.

Updated July 2, 2026.

Block the fake migration page before you tap

SafeBrowz is a free browser extension for Chrome, Firefox and Edge (Safari coming soon) plus a live Android app that follows a "switch to Google Messages" or "verify your Samsung account" link to where it lands and flags a fake Samsung or Google page before you enter anything. It recognizes 550+ brands, auto-flagged when a page tries to impersonate them, with AI content analysis in 100+ languages for brand-new clones, including pages hidden on trusted cloud hosts. Free forever, no account needed. Questions: [email protected].

Chrome Add to Chrome Firefox Add to Firefox Edge Add to Edge Android Get on Android

Bottom line: the Samsung Messages shutdown on July 6, 2026 is real, but the "click here to switch" text is not. Samsung's notice lives in the app and never sends a link or asks for a password, a code, or a payment, and your messages move to Google Messages automatically and for free. Do not tap the link, start the switch yourself from the Play Store, and put SafeBrowz on your browser and phone so the fake migration page gets flagged before you ever type your account details.

Frequently asked questions

Is the Samsung Messages shutdown real?

Yes. Samsung confirmed it is discontinuing the Samsung Messages app on July 6, 2026 for customers in the United States and moving them to Google Messages. What is not real is any text or email with a link that says you must "verify", "migrate", or "reactivate" to keep your messages. That link is a phishing scam, even though the underlying shutdown is genuine.

Does Samsung text you a link to switch to Google Messages?

No. Samsung's real notice about the shutdown appears inside the Samsung Messages app and in your phone's Settings, not as a standalone SMS with a link. Samsung does not ask you to click a link, sign in on a website, or enter a code to switch. If a message about the switch arrives with a link, that alone is a sign it is a scam.

Will I lose my text messages when Samsung Messages shuts down?

No. When you move to Google Messages, your existing conversations transfer automatically and for free. There is nothing to pay and no account to reactivate. A large message history can take up to 24 hours to finish moving, which is why switching a little early is easier, but no message will threaten to delete your texts unless you click, pay, or verify. Those threats are the scam.

How do I switch to Google Messages safely?

Open the Google Play Store, install or open Google Messages, and set it as your default SMS app, or follow the prompt your phone shows in Settings. You never need an outside website and never need to enter your Samsung or Google password on a page you reached from a text. This change affects US users on Android 12 and higher; phones on Android 11 or lower are not affected.

What if I already tapped the link and signed in?

Change your Samsung and Google account passwords from a device you trust, turn on two-factor authentication, and remove any app you were told to sideload. Check for logins you do not recognize and for texts sent from your number. If you entered card details, contact your bank. Report the text to 7726 (SPAM) and to the FTC at reportfraud.ftc.gov.

How does SafeBrowz stop this scam?

SafeBrowz runs a 3-layer engine (Local + APIs + AI) in your browser and on Android. It resolves where the link actually lands and flags a page that impersonates Samsung or Google on a non-official domain before the login form loads, cross-checks reputation APIs like Google Safe Browsing and PhishTank, and uses AI content analysis to catch a brand-new clone, including one hidden on a trusted cloud host. It flags the fake page before you type or download, though it cannot recover a password you already submitted, so pair it with never switching apps from a text link.

Related reading