Two strange attempts
I had to make a post about these two recent texts that were received. Both are extremely strange in nature. The first here on the right, is a text stating that "We are unable to decline a charge...". What does that even mean? The shear oddity of this text would at least make someone click the link. Maybe that is the point. However, why would I receive a notification if a charge was UNABLE to be declined? Let alone, why would I need to verify this? It does hit on the same vein of text alerts of potential fraudulent charges that you may receive from you bank/card issuer.
"[ORGANIZATION]: We are unable to decline a charge, visit [LINK] to verify."
The next text that was received was out of this world. First, the sender of this text is outrageously fraudulent. Domain name of "jocemp.website"? I don't think that is in any way legitimate Next, the context of this text is that somehow I got locked out of my Amazon account, my account is suspended, and I need to take action by clicking this link. It is more clever. The login IP is suspect, I live in the West, so why would I be logging in from Turkey? However, the more I read this the more and more it reads like a phishing attempt. Since when does Amazon text you that your account was suspended due to an UNUSUAL login? It would just be an alert if anything. Lastly, the link that is provided is "...buildacool.com...". Red flags.
Bottom line, be vigilant - these phishing attempts are becoming more aware of our legitimate text alerts and are piggybacking off the structure. Best mode of practice is that if you didn't take an action that resulted in this text AND the link/sender looks odd - it is 100% a phishing attempt.
"Security Alert: We've suspend your [ORGANIZATION] account due to unusual login. [RANDOM IP]. Our system has suspend your [ORGANIZATION] account for security reasons. To unlock your [ORGANIZATION] account, please verify with link below [LINK]. You need to take action within 2 days before account will be suspended. Regards, [ORGANIZATION] Teams."
Comments are closed.
Welcome to my phishing documentation blog. You can see a running list of attempts HERE. If you experience a fraud attempt please report to the FTC here: LINK