We’ve found a large number of phishing scams that you should watch out for, including ones relating to PayPal, MetaMask, USPS, and Amazon. Would you have been able to spot all the scams?

Phishing Scams

Impersonating famous brands and companies, scammers will send out phishing links (usually via text message or email) and try to entice you into opening them with various lies. As seen below, these phishing links will lead to malicious websites containing fake log-in pages.

MetaMask KYC Phishing​ Email

We’ve reported a lot of fake MetaMask emails last year. As time goes by, there are more and more phishing attempts leveraging MetaMask’s name. Falsely claiming that your MetaMask wallet could be suspended soon due to the Know Your Customer (KYC) regulations, scammers prompt you to click the attached link to validate your account:

The link will take you to a fake MetaMask login page that requests for your seed phrase, or recovery phrase – the ultimate key to your crypto wallet.

If you’ve ever fallen for the scam and yielded your recovery phrase, scammers can use it to take control over your crypto wallet and steal every “bit.” Don’t let them!

Detect Phishing Links with Ease — Trend Micro Check

Trend Micro Check is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

Check out this page for more information on Trend Micro Check.

Paypal Invoice Scam

We’ve already seen too many PayPal invoice scams before. This week scammers pretend to be from a company called Bill Pay and send you an invoice via PayPal:

Here are more details of how these PayPal invoice scams unfold:

1. Scammers create fake profiles on PayPal and send you an invoice.
2. They prompt you to make a phone call to claim a refund if you don’t recognize the payment.
3. They will instruct you to provide personal info/money over the phone call, or even trick you to give them remote access to your device.

The trickiest part is that the sender’s email address of the invoice are REAL (@paypal.com). We suggest that if any invoice contains instruction off the PayPal system (i.e. ask you to make a phone call instead of using PayPal application), it is a major red flag. Stay alert!

USPS Shipping Scam

Every day is a shopping day, and every day you are the target of a delivery scam! We’ve written about fake USPS shipping notification texts and emails, and this week there’s still a new version:

• [US/P.S]:We cannot deliver your package to door due to the incomplete house number, please fill in the address-: <URL>

The attached link will take you to a fake USPS tracking page that asks you to submit some personal information, including your street address and phone number. 

Don’t enter anything! Scammers can record the data you enter onto these pages and use it to take control of your accounts and commit crimes such as identity theft.

Amazon Phishing Texts

Amazon is another most impersonated brand. This time scammers send you fake security alerts with a set of One-Time Password (probably fake) and urge you to click on the phishing link to secure your account:

• 801626 is your Amazon OTP.If you didn’t authenticate this transaction,click here <URL>

Again, the attached link will lead to a fake Amazon login page. Scammers can record all the credentials you’ve submitted and use them for their own good:

Protect Yourself from Phishing Scams

• Pay close attention to URLs — are they legitimate?
• Double-check the sender’s mobile number/email address; even if it seems legitimate, don’t click on any attached links. Go to the official website/application instead!
• Never click on links or attachments from unknown sources. Use Trend Micro Check to surf the web safely (it’s FREE!).
• Change your password as soon as possible if you’ve already clicked on a suspicious link. Consider using our online Password Generator (also FREE!) to create strong, tough-to-hack passwords.
• Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks. Click the button below to give it a try.

If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or like below. Stay safe, folks!