DANIEL
  • About
  • Running
  • Research
  • SMS Blog

Summer Update

7/25/2022

 
I honestly haven't received any SMS phishing attempts since February 2022, ~5 months ago. With lack of content phishing attempts I haven't had the chance to add anything to the blog. However, just recently I did receive 2 more phishing attempts. Both of which were within 10 days of each other. Maybe this has something to do with summer travel and people going on vacation? Quite possibly.

The first SMS received was another typical delivery confirmation (see below). It was stating that the delivery address was incorrect and that I need to click this link to update my information or else the package will not be delivered. No mention of the carrier (UPS, FedEx, etc.) nor the store (Amazon, Target, etc.). This is immediately flagged as a phishing attempt.

"Your delivery address is incorrect and the package cannot be delivered, please update the address information in time at the link. [LINK]"
Picture
The second SMS received was actually a bit more clever (see below). With people traveling this summer you are more often than not going to receive notifications from your bank or card issuer that your card has been locked due to "suspicious activity" since you may have travelled out of state and made a large purchase. It looks somewhat legitimate, but with it being all caps, strange grammar, and a specific call out to a very popular vendor (Apple) - it immediately raises a red flag for me.

"[BANK]:CARD LOCK DUE TO [MONEY AMOUNT] WAS SUBMITTED TO [COMPANY] NOT YOUR REQUEST? VISIT [LINK] TO CANCEL"

Oddly enough, I actually received one last week that was legitimate. A purchase was made out of state and the bank immediately sent a similar text saying that the card was locked. I appreciate the ability of banks to respond quickly, but it assumes the user has trust in the delivery mechanism. Even though I received the legitimate text, I called the bank directly and asked about it. Anymore, if an institution reaches out to me via text - I inquire through a different channel as the possibility for phishing has steadily been rising over the past few years. Besides, with so many accounts being linked to personal phones - there is the risk that any engagement with a fraudulent phish attempt will result in a compromised account.
Picture

Insurance Phish?

2/20/2022

 
As an initial PSA, if you are trying to locate the contact information of the Maryland Department of Labor, you can navigate to their official site here: www.labor.maryland.gov/employment/officenum.shtml. 

Nothing is off the table, especially when these scammers target the most vulnerable. This text was received recently and the first red flag here is that I never filed for unemployment, and even if I did I do not reside in Maryland. Additionally, the link is not even a ".com" nor a ".gov" website address. I have never heard of any insurance outreach using a ".net" extension. Lastly, the area code these scammers use is an area code that resides in Florida (the Miami area). Why would I contact a random number in Florida for a Maryland issue? I urge people to be cautious and careful - this is fraud and impersonation of a critical service offered by the Maryland Department of Labor.

"DoNot-reply Your [STATE] BEACON Unemployment Insurance Claim account is currently on hold verify now by clicking the link [LINK] Or Text 'READY' To Via [PHONE NUMBER]"
Picture

Package Support

2/6/2022

 
Well this was a surprise. I was just thinking last week that I hadn't received any spam text recently - then this was just sent to me. This entire message and attempt makes no sense. What is valuable rest? What is a "tracing number"? Why do I need to "confirm" my address for anything? And why is there no mention of any company? It just states "Package Support". Okay, great - this is the most generic text I received and as such raises red flags immediately. 

"Package Tracking: Hi, this is [NAME] from Package Support. Your package with tracing number [NUMBERS] is waiting for you to confirm the shipment address: [LINK]"
Picture

Compromised privacy...

1/11/2022

 
I recently received a text stating that my privacy has been compromised...so I must click this suspicious link. The link of course will end up compromising my privacy and security. It is a clever phishing attempt purporting to be sent by a major cellular carrier. The sense of urgency is high - privacy! It is a very serious thing and unfortunately those sending these phishing texts are preying on real fears that people have - which only in turn further exacerbates said fear. The only two things that stood out to me on this otherwise official looking text is that it came from an actual number that most likely belongs to a user. Usually these mass texts come from a non-typical phone number. The other thing that stood out was the link itself disguising as a shortened URL which begs caution. Another thought that came to mind was that if you do receive a text like this - it is usually accompanied by a phone call or push alert from the cellular carrier itself - neither of which occurred.

"[COMPANY] Free Msg: Your Privacy Has Been Compromised. Immediate Action is Required >> [LINK]"
Picture

Reward for paying my bill?

1/6/2022

 
Apparently you get rewarded for paying your bill. I'll be honest, this one is actually quite clever. This message mimics a few Verizon messages that are sent out regarding your data limit such as you have exceeded your limit and the like. However, this one caught my attention because it looks like someone sent it from their actual phone number - the other flag is that Verizon is willing to reward me for paying my bill. First of all, when has anyone received a reward for paying a bill on time? I appreciate the gesture but this text requires a healthy dose of skepticism.

Honestly, I have received a few other messages like this in the past few months that were talking about Verizon trade-in offers. I had no interest in trading in my phone so I didn't look closely at them - however after seeing this text, I imagine that the trade in text is also a phishing attempt.

"[COMPANY] Free Msg: [MONTH] bill is paid. Thanks, Here's a little gift for you: [LINK] Happy New Year!"
Picture

Another shipment tracking...

11/20/2021

 
It has been a few months since I received a phishing text. On one hand I was glad, on the other I was sad since I need keep this blog up to date with fresh content. Coincidentally, the same day I was thinking about this I finally received a text.

This one is similar to the USPS one, asking to click a link to view your tracking information, however the senders of this one need to know their audience. Instead of the word "package" they used "parcel". Right when I read that word I knew immediately this was spam. Then reading further into the text it is so very vague and the link makes no sense. Additionally, why would I click a link to "check" my shipping address? It is not even close to realistic text.

"Shipment Tracking: Hi, your parcel with tracking code [ID] is waiting for you to check the shipping address: [LINK]"
Picture

Venmo Attempt

9/22/2021

 
These scammers are getting more crafty. I have recently noticed attempts purporting to be from Venmo. In these texts they bait you with the allure of a potential $100 gift in exchange for a quick 2 minute survey. I worked in research during my prior career and paying a participant $100 in exchange for 2 minutes of their time is overwhelmingly too good to be true. Additionally, the link they push out is clearly a scammy link. In reality, by you tapping that link, you will not receive the $100 nor will your phone or personal information be safe going forward.

"Venmo User: You have been selected to receive a free gift worth at least $100 for a 2 minute survey  [LINK]"

"Dear Venmo Customer, You have been selected to receive a free gift valued at least $125 for a 4 minute survey [LINK]"

Picture
Picture

AT&T Attempt

9/12/2021

 
This is a different style. This came through yesterday evening and it is mimicking some of the texts that companies send you to alert you about something regarding your account. Most of the time they are alerts like "You are out of data" or "Your payment has been received". This text takes that similar approach but tries to force you to click a clearly malicious link through the allure of a possible gift. Firstly, my name is not James, secondly I didn't even pay a bill. Please stay vigilant.

I also received two more similar messages, but in this case they are regarding my "bill is processed". First of all that makes no sense, secondly the message purports to be from "AT&T" but they clearly misspelled it as "ATT". Lastly, why would anyone freely give you a gift for paying your bill? Too good to be true.

"AT&T Free Msg: bill is paid. Thanks, [NAME]! Here's a little gift for you: [LINK]"

"(ATT) Latest bill processed! Thank you for your support. Here's a little something for you >> [LINK]"
Picture
Picture
Picture

costco attempt

7/6/2021

 
Talk about bad grammar. Another clear phishing attempt was sent along. This one was interesting in that many of us are incentivized to fill out surveys on our shopping experience and this is typically printed on our receipts. However, we haven't been to Costco recently nor have we ever filled out those receipt surveys. Lastly, the link that is given just screams to be flagged.
"Costco: [NAME], the code [CODE] printed on your receipt from 14 came in 2nd in our iPhone draw: [LINK]"
Picture

instagram attempt

5/13/2021

 
This attempt I have heard has been fairly common recently. I received 2 of these attempts within 3 hours of each-other. I am located in the Eastern Standard Time zone and any attempt by me to access my Instagram account at 3 AM seems sketchy at best. This is clearly a phishing attempt by someone who is clueless when it comes to time zones. Please watch out for these.
"Tap to get back into your [Software App] account: [LINK]"
Picture
<<Previous

    Author

    Welcome to my phishing documentation blog. You can see a running list of attempts HERE. 

    Archives

    July 2022
    February 2022
    January 2022
    November 2021
    September 2021
    July 2021
    May 2021

    Categories

    All
    Account Access
    Bill Processed
    Compromised Privacy
    Free Gift
    Gift
    Group Phishing
    Insurance
    Random
    Random Drawing
    Shipment Tracking
    Survey
    Unemployment
    Verify Account

    RSS Feed

Proudly powered by Weebly
  • About
  • Running
  • Research
  • SMS Blog