Check the top SMS and email phishing scams of the week. Can you spot these scams?
What is a phishing scam?
Phishing is when scammers impersonate famous brands, companies, and organizations by sending out fake text messages or emails containing phishing links. The aim is to entice you into opening the malicious links by using various excuses.
So, where do the phishing links lead to?
1. Fake online survey pages:
In some cases, they lead to online survey pages that state you can claim a gift by completing an online questionnaire. After you fill out the survey, you are prompted to enter personal information such as credit card numbers, before your “gift” can be delivered.
2. Fake login pages:
In other instances, the links lead to fake log-in pages impersonating various brands. These pages require you to submit log-in credentials to view your delivery status, change your settings, or for whatever other reason the scammers have given you.
Scammers can record any sensitive information you enter on their survey pages and use the data to commit cybercrimes. For example, they could hack into your account and withdraw your money, and even use your information to commit identity theft. Don’t let them!
Here are the top phishing scams we have observed this week: Walmart, T-Mobile, Costco, USPS, AT&T, Wells Fargo, Apple, Amazon, and 2 email phishing cases.
These phishing text messages lead you to online scam-survey pages, telling you that you can get a gift after filling out the survey:
Fake Security Alert
Security alert notifications always make us nervous, but think twice before you click on the links. Scammers use these fake alert messages with phishing links to prompt you to submit your log-in information on fake log-in pages.
1. Wells Fargo
(Apple Store): There has been unusual activity on your account, please verify this transaction : <URL>
Amazon: Your account has been restricted. To remove Restrictions you have to provide some information about your account. *<URL> [ID SXHSTN]
Scammers send a fake delivery notification to you via text message or email. They claim that you have missed the delivery of a package or that you have to pay a delivery fee to get the package. The notifications always contain a phishing link:
Hi Traci, this is Kyle from Walmart. You have an item addressed to you. Can you please confirm it by today? <URL>
This is your final notice to confirm your delivery before your delivery permanently expires. please confirm immediately by going here <URL>
Unemployment Insurance Scam
Many people have become more reliant on unemployment insurance ever since COVID-19 struck. We’ve reported on unemployment insurance phishing text messages several times, and now new versions have appeared.
Scammers falsely claim that there were issues with your unemployment insurance accounts and that you have to complete verification via the attached phishing link in the SMS. The included link leads to fake government pages:
1. Wisconsin Department of Workforce Development
2. Maryland Department of Labor
3. Illinois Department of Employment Security
“You got invoice from DocuSign service” Scam
Received an email notification that you have to sign an invoice online? Wait a second. It could be a SCAM.
Scammers pose as the DocuSign company and send you an email, requesting you to review or sign an unknown invoice via the embedded button:
DON’T. The button leads to a phishing page. In a worse case, malware will start to download once you click on the button!
Windfall Email Scam
Who doesn’t like money from the sky? But we all know it doesn’t exist, so if you receive emails that grant you huge amounts of money at no cost, just ignore and delete it! Recently, we detected many scam emails entitled “Business proposition” in which scammers falsely claim they are giving you 50 million pounds to “handle”. If you take the bait, you have to provide further personal information to scammers ¾ and you know what will happen.
How to Protect Yourself
- Double-check the sender’s mobile number/email address.
- Ignore too-good-to-be-true offers.
- Reach out to the official website or customer support directly, for help to check any issues mentioned in the text messages/emails.
- NEVER click links or attachments from unknown sources. Use Trend Micro Check to detect scams with ease!
- After you pin the Trend Micro Check browser extension, it will block dangerous sites for you automatically:
2. Trend Micro Check on WhatsApp:
Send a link or a screenshot of a suspicious text message to Trend Micro Check on WhatsApp for immediate scam detection.
Download Trend Micro Maximum Security for even greater protection, including Web Threat Protection, Ransomware Protection, Anti-phishing , and Anti-spam Protection.
Gain access to the Privacy Scanner for Facebook and Twitter, Social Networking Protection, and Parental Controls, too. Click the button below to give it a try:
Did you successfully spot the scams? Remember, always CHECK before giving out personal information. If you found this article helpful and/or interesting, please do SHARE to help protect your friends and family!