@r000t I've spoken to some people with more experience of phone networks, and because short codes are only resolved inside the carrier, and because the carrier already knows who you are, spoofing numbers to them should be hard (https://blog.twitter.com/engineering/en_us/a/2012/twitter-and-sms-spoofing actually covers this from a decade ago) - so while this is surprising and there are real risks, it's not an absolute disaster