Text message phishing attacks are on the rise. In these ‘smishing’ attacks, scammers pose as well-known companies and organizations to steal sensitive information through phishing links in spoofed text messages.
In this post, we will share the details of a few popular phishing scams – Pfizer, Sony PlayStation, Pizza Hut, Pepsi, and Royal Mail. You will see how these phishing scams work and learn how to avoid them. Read to the end for tips on how to spot similar scams and avoid becoming a victim of “smishing.”
Pfizer COVID-19 Vaccine Survey Scam
COVID-19 vaccines remain a hot topic, and scammers take advantage of this to grab your attention. Posing as the Pfizer company, scammers send text messages falsely claiming that you can get a reward for participating in an online survey about COVID-19 vaccines. The message contains a phishing link.
Upon clicking the link, you will be asked to enter personal information. Then you are told that you have won a pair of AirPods. To claim your gift, you have to pay the “delivery fee,” and you are prompted to submit your credit card number and CVC code.
Content
PFlZER C0VlD19 VACClNE REGlSTRATl0N-Give Us Your 0pinion,&CoIIect Your $9O Participation GlFT: <URL>
Give Us Your 0pinion About PFlZER’S C0VlD19 Vaccine & Get Your $9O Participation Reward<URL>
Sony PlayStation Giveaway Scam
In this campaign, scammers posing as Sony send text messages falsely claiming that you can receive a free PS5 from BestBuy through a link they provide.
The phishing link takes you to an online survey page that prompts you to enter sensitive personal information and banking details, such as credit card number and CVC code, to pay the “delivery fee.”
Read more about PS5 giveaway scams:
Content
/ SONYPS5-PROMO5296 / / 10Free PS5 Today From BESTBUY <URL> Don’t Miss Out BESTBUY: WE VALUE OUR CUSTOMERS!
/ 8 Free PS5 Today From BESTBUY <URL> Don’t Miss Out BESTBUY: WE VALUE OUR CUSTOMERS!
Fake Sony PlayStation Direct Website
Besides phishing text messages, many fake Sony PlayStation Direct websites have turned up recently.
The web pages, which look nearly identical to the real PlayStation site, trick you into submitting your PlayStation Network account and password. Scammers can then gain access to your PlayStation account and the financial credentials saved there.
Pepsi/Pizza Hut Facebook Giveaway Scams
In another campaign, a fake Facebook fan page named “Pizzahut-com” claims to be giving away free pizzas and coupons. A similar phony fan page claims to represent Pepsi, as reported by Snopes.
The tactics of these two Facebook giveaway scams are essentially the same.
In the Pizza Hut scam, the Facebook posts prompt you to register for the campaign through a phishing link. It leads you to a website where you are prompted to click the ‘register’ button and enter personal information including your home address and credit card number (for “delivery” of your reward).
Of course, no pizzas are delivered, and the data you provided ends up in the scammers’ hands. They can steal your money and use your personal information for other scams such as identity theft.
Royal Mail Parcel Delivery Phishing Scam
In another campaign, scammers claiming to be from Royal Mail send text messages directing you to “confirm the settlement of a package” by clicking on a link.
If you take the bait, you will be asked to enter your home address and other personal identifiable information (PII). Scammers can use this information for scams such as identity theft.
Content:
Royal Mail: Your package has a £2.99 shipping fee, to pay this now visit https://royalmail -reshippment.com. Actions will be taken if you do not pay this fee.
How to protect yourself from phishing scams?
- Double-check the sender’s mobile number/email address
- Reach out to the official website or customer support directly for help
- NEVER click links or attachments from unknown sources
Use Trend Micro ScamCheck for immediate scam detection!
Copy-paste a link and send it to Trend Micro ScamCheck on Messenger or WhatsApp to detect scams. Or you can send a screenshot of suspicious text messages:
Trend Micro ScamCheck is also available as a Chrome extension. It will block dangerous sites for you automatically:
Did you successfully spot the scams? Remember, always CHECK before your next move. Click on the button below to try Trend Micro ScamCheck for free now:
If you think Trend Micro ScamCheck is helpful, please SHARE to protect your family and friends.