tm_kree's profileBrand User
 Superstar

 Superstar

 • 

257 Messages

 • 

8.8K Points

Fri, Feb 26, 2021 1:59 AM

Closed

Smishing Scams! Protect Yourself Against Text Message Phishing

Smishing Scams! Protect Yourself Against Text Message Phishing

How many messages do you receive every day? How many of them are actually scams? We rely on text messages to find out when our packages arrive, to get the latest promotions, and to be notified when there are suspicious activities on our accounts.


Smishing is phishing through text messaging. Scammers use smishing to get personal information using messages that pretend to give bank account updates, package delivery information, and vaccine news.

 

The 3 Most Common Smishing Scams

 

1. Delivery Scams

Scammers fake notifications from delivery companies such as FedEx or UPS using text messaging. Scammers put phishing links in the message and ask recipients to click on the links to verify the delivery address or to confirm acknowledgment of the shipment.

 

Image

 

Delivery smishing scams. Source: Twitter

 

2. Bank Scams

Lots of scammers spoof text messages from banks and pretend that suspicious activity was found on the recipient’s bank account. They send fake notifications and ask the recipients to click on a phishing link to confirm or resolve any issues. The victim is directed to a fake bank website that asks for financial credentials, like passwords, credit card numbers, or bank account details. With this information, scammers can gain access to the victim’s bank account and steal their money.

 

Image

 Examples of phishing texts. Source: Twitter

 

 

3. Vaccine Scams

Scammers pretend to represent the CDC, FDA, WHO, or medical companies such as Pfizer or Moderna, falsely claiming that the recipient of the text can apply for early access to the COVID-19 vaccine through the link provided. These messages may also pretend to provide the latest news about the pandemic in order to lure people to click a link.

Image

Vaccine smishing message. Source: Twitter

 

 

The best way to protect yourself is not to respond to smishing messages. 

 

Image

Text messages phishing scams are on the rise. Share to protect your family and friends!

 

 

Read the full article here: https://tmcheck.us/6K8c77YM

 

 

Trend Micro Check is an all-in-one tool to detect scams and misinformation.

 

 

Try Trend Micro Check for free now: 

Messenger / WhatsApp / Chrome extension

 

 

Tell us what you think. Leave a comment below or hit that like button!

 

 

bvasilev

 Superstar

 • 

181 Messages

 • 

7.2K Points

9 m ago

Regarding the HSBS Bank, the same group distributes various other SCAM messages, mimicking HMRC (UK tax institution), Vodafone, EE, Three (UK-based mobile carriers) and many others. Analysing the relations of one domain on VirusTotal reveals plethora of other spoofed organisations.
Example:
https://www.virustotal.com/gui/ip-address/185.61.152.58/relations

They send various types of messages, but they are all similar. They consist of one brief sentence, which attempts to get the user's attention, e.g.
"You added a new payee",
"Your payment couldn't be processed" or
"You have a pending refund".
This is then followed by a malicious link, leading to a page that is usually a very convincing copy of the original one. The domain itself however has never been spoofed from what I've seen and it's usually obvious that it is not an official URL.

All of these messages come from a standard UK mobile number (+447xxx), which is not what a real bank, institution or any legit business would use to send a text. They are rather generic and include no personal information, such as name or address, which is again a clear evidence that the message is fraudulent.

The vaccine scam domains are usually resolved to the same IP address as the scams mentioned above, which is an evidence that they are being ran by the same group.

Users should not open any links in messages of this type.

(edited)

Need Help?

Ask the Community