Trend Security Expert
•
866 Messages
•
34.9K Points
Smishing Scams! Protect Yourself Against Text Message Phishing
How many messages do you receive every day? How many of them are actually scams? We rely on text messages to find out when our packages arrive, to get the latest promotions, and to be notified when there are suspicious activities on our accounts.
Smishing is phishing through text messaging. Scammers use smishing to get personal information using messages that pretend to give bank account updates, package delivery information, and vaccine news.
The 3 Most Common Smishing Scams
1. Delivery Scams
Scammers fake notifications from delivery companies such as FedEx or UPS using text messaging. Scammers put phishing links in the message and ask recipients to click on the links to verify the delivery address or to confirm acknowledgment of the shipment.
Delivery smishing scams. Source: Twitter
2. Bank Scams
Lots of scammers spoof text messages from banks and pretend that suspicious activity was found on the recipient’s bank account. They send fake notifications and ask the recipients to click on a phishing link to confirm or resolve any issues. The victim is directed to a fake bank website that asks for financial credentials, like passwords, credit card numbers, or bank account details. With this information, scammers can gain access to the victim’s bank account and steal their money.
Examples of phishing texts. Source: Twitter
3. Vaccine Scams
Scammers pretend to represent the CDC, FDA, WHO, or medical companies such as Pfizer or Moderna, falsely claiming that the recipient of the text can apply for early access to the COVID-19 vaccine through the link provided. These messages may also pretend to provide the latest news about the pandemic in order to lure people to click a link.
Vaccine smishing message. Source: Twitter
The best way to protect yourself is not to respond to smishing messages.
Text messages phishing scams are on the rise. Share to protect your family and friends!
Read the full article here: https://tmcheck.us/6K8c77YM
Trend Micro Check is an all-in-one tool to detect scams and misinformation.
Try Trend Micro Check for free now:
Messenger / WhatsApp / Chrome extension
Tell us what you think. Leave a comment below or hit that like button!
bvasilev
Superstar
•
190 Messages
•
7.6K Points
3 years ago
Example:
https://www.virustotal.com/gui/ip-address/185.61.152.58/relations
They send various types of messages, but they are all similar. They consist of one brief sentence, which attempts to get the user's attention, e.g.
"You added a new payee",
"Your payment couldn't be processed" or
"You have a pending refund".
This is then followed by a malicious link, leading to a page that is usually a very convincing copy of the original one. The domain itself however has never been spoofed from what I've seen and it's usually obvious that it is not an official URL.
All of these messages come from a standard UK mobile number (+447xxx), which is not what a real bank, institution or any legit business would use to send a text. They are rather generic and include no personal information, such as name or address, which is again a clear evidence that the message is fraudulent.
The vaccine scam domains are usually resolved to the same IP address as the scams mentioned above, which is an evidence that they are being ran by the same group.
Users should not open any links in messages of this type.
(edited)
0