Spot the Scam: Smishing, Phishing Emails, and COVID Vaccine Scams (Week of January 15th)

Spot the scam_vaccine

It’s that time of the week again! In this post, we’ve selected some widespread scams to discuss in detail, including T-Mobile smishing texts, CHASE bank fake fraud alerts, and COVID-19 related scams. Do you know how to spot these on your own?

T-Mobile Phishing Texts


How does it work?
Scammers are sending fake texts pretending to T-Mobile. In these texts, they falsely claimed that they are giving away “rewards” and ask recipients to click the link to select their gifts. DO NOT click! It is a phishing link.

If you take a closer look, you will spot typos. For example, the word “Mobile” is misspelled as “Moble” or “M0bile.” “Our” is misspelled as “0ur.” Once you click the link, you will be directed to a login page and asked to enter login credentials. Such action allows scammers access to your personal information for other scams such as identity theft.

Examples of T-Mobile phishing texts.
Examples of T-Mobile phishing texts. Source: Reddit/Twitter

The content of T-Mobile phishing texts:
Happy 2O21 From T-Moble! Your New Upgrade, Is Ready Select 4 Rewards to Show 0ur Thank You http://yam .talkdwinter.com/cs12/bQJWBQpvkj

How to avoid T-Mobile phishing texts?

  • Double-check the sender’s mobile number.
  • Reach out to T-Mobile’s customer service to verify the legitimacy of the text messages.
  • NEVER click links or attachments from unknown sources. Check the link’s safety status first using Trend Micro Check!
    Copy and paste the link, and let Trend Micro Check take care of the rest. You can send screenshots directly to Trend Micro Check as well!
Send screenshots directly to Trend Micro Check for immediate scam detection.
Send screenshots directly to Trend Micro Check for immediate scam detection.

Chase Bank “Fraud Alert” Phishing E-Mails 


How does it work?
Scammers are sending “fraud alert” emails pretending to be Chase, tricking recipients into believing there are security issues about their bank account. In these emails, they will ask recipients to directly click the button in the email to ‘verify.’

If you’ve been following our blog, you might be aware that these buttons are hyperlinked with phishing links, which will take you to a fake login page that asks for your login credentials. Such action will allow scammers access to your bank account and potentially claim ownership of it.

A Chase bank phishing email.
A Chase bank phishing email. Source: Twitter

This is what a fake Chase bank login page looks like:

The content of Chase bank phishing emails:
CHASE Dear Customer,
We’re letting you know that we’ve detected some unusual activity on your card on 12/28/2019. For your security, please verify the following transaction(s) so that you can continue to use your card Do you recognize all of these transaction(s)? Approved transaction at SQC*CASH APP for $224.49 on 12/28/2019 Declined transaction at TOP UP B.V. for $624.11 on 12/28/2019 Approved transaction at BESTBUY for $124.59 on 12/28/2019 YES, I recognize all of these transactions YES will make your card immediately ready to use again NO, I don’t recognize one or more of these transactions NO will allow you to complete the verification process and file a fraud claim in Online or Mobile Banking Please do not reply to this automatically generated message. If you have any questions, please call us at the number located at the top of your statement.

How to avoid Chase bank phishing emails:

  • Double-check the sender’s email address. admin@vagaro.com is not an official email address of Chase bank officials.
  • NEVER click links or attachments from unknown sources. Contact the official website or reach out to government agencies directly for help.
  • Check if the link provided is secure using Trend Micro Check. Copy/paste the link or send a screenshot for immediate scam detection.

Read more about other phishing scams:

COVID-19 Contact Tracing Scam


How does it work?
Scammers disguised themselves as COVID-19 contact tracers and reach out to people via phony phone calls. In these calls, scammers would ask people to provide their personal information and financial credentials such as banking details or Social Security numbers.

If you receive calls telling you that you have been exposed to someone with COVID-19 and then request for ‘too personal or too detailed’ information, please be cautious. The Erie County Department of Health has launched a scam alert on fake contact tracing scams:

How to avoid COVID-19 contact tracing scams?
As suggested by the Federal Trade Commission (FTC):

  •  Don’t pay a contact tracer. 
  • Don’t give your Social Security number or financial information. (e.g., credit card number)
  • Don’t share your immigration status.
  • Don’t click on links or download anything sent from the contact tracer.
    You can copy/paste the link or send a screenshot to Trend Micro Check for immediate scam detection.

COVID-19 Vaccine Scams


How does it work?
This week we’ve spotted 2 common COVID-19 vaccine scams:
1. Fake COVID-19 in-home testing kits and vaccinations
Scammers disguise themselves as government workers by sending fake messages to people, claiming COVID-19 tests are required and demand money. In other cases, they send phishing links that will take the victims to fake websites, encouraging them to enter their personal information, such as Social Security numbers or bank account details.

On a relevant note, scammers are selling unauthorized health products online. “Ingredients in them could cause adverse effects, and could interact with, and potentially interfere with, essential medications,” according to the FDA.

2. Fraudulent charges for COVID-19 vaccines
Florida counties use Eventbrite to schedule COVID-19 vaccine appointments. Since the site is open to the public, scammers pretend to be someone from Florida health departments, reaching out to locals and tricking them to pay online to secure vaccine appointments.

So far (as of January 15th), the Florida Health Pinellas has temporarily stopped taking new appointments. They also warned about the issue on their Twitter:

How to avoid COVID-19 scams:

  • Contact the organization/governmental agency directly to see if the contact is authentic.
  • Don’t click on any links or download any attachments. Check the safety of the web address using Trend Micro Check. Send your links to Trend Micro Check for an immediate security check before you click.

Read more about other COVID-19 related scams:

Did you successfully spot the scams? Remember, always CHECK before your next move.

If you think Trend Micro Check is helpful, please SHARE to protect your family and friends.

Click on the button below to try Trend Micro Check for free now:

Video claiming Dave & Buster's restaurant was founded by Dave Chappelle and Busta Rhymes.  Source: TikTok

You Might Also Be Interested In