This week we’ve found phishing attempts in which scammers are impersonating Apple and Capital One. Would you have been able to spot these scams?
Phishing Attempts
Phishing is when scammers impersonate trusted brands and send you text messages or emails containing phishing links. Their goal is to lure you into clicking on them so that they can take you to phishing pages where they can record all your PII, such as your Social Security number, login credentials, and credit card details. The scammers can thus steal even more from you, including your money and even your identity.
Between October 2022 and September 2023, Trend Micro detected over 29 million phishing URLs — a truly staggering number! With so many phishing sites out there trying to trick people, it’s crucial for you to stay on the lookout. Below are some examples:
Fake Apple Texts
If you receive a text saying you need to use the attached link immediately to resolve an issue, please think twice before clicking. This week we’ve continued to detect lots of fake text messages impersonating Apple prompting users to log in to their Apple IDs for various reasons:
#1 – iCloud Storage Warning
Is your iCloud storage full? Even if it is, don’t take any action yet when you receive a text like this. We’ve blocked such fake iCloud notifications containing phishing links over 5000 times this week:
- CLOUD SERVICE TERMINATION. Upgrade now or lose your stored photos and files.
- ACCOUNT SUSPENDED: Your cloud account has been suspended due to reaching its limits, Upgrade NOW or claim 00GB FREE <URL>
- CLOUD STORAGE ALERT. Upgrade immediately or say goodbye to your stored photos and files. <URL>
Don’t click! If you do, you will be taken to a fake iCloud login page, and scammers can steal your login credentials. With them, they can block you from your account, make purchases using your stored credit card details, and even access your private data. Watch out!
#2 – App Data Breach Alert
Besides fake iCloud storage notifications, scammers also invent bogus breach alerts to exploit people. For example, we detected this fake notice 3,543 times last week:
- URGENT NOTICE: Breach alert for 0 apps! Secure your device, remove them now: <URL>
Falsely claiming there are security issues with your apps, scammers want you to click on the phishing link. You can imagine what will happen next: login and credit card information stolen, and more PII exposed. Don’t let that happen!
Protect Yourself from Scams
The truth is, there are lots of scams and scam sites on the internet and they’re getting even more difficult to detect with common sense alone. However, for an easy and reliable method of detecting and avoiding scam sites, check out Trend Micro Check.
Trend Micro Check can shield you from scams, fake and malware-infected websites, dangerous emails, phishing links, and lots more! If you come across something dangerous online, you’ll be alerted in real time so you’ll know to stay well clear.
Fake Capital One Email
We’ve written about fake Capital One emails before, and this week they’ve returned disguised as “pending refund” notifications:
If you click on the link, it will take you to a fake Capital One login page where any data you submit could be stolen. Be careful!
Tips to Stay Safe Online
- Double-check the sender’s mobile number and email address. Even if it seems legitimate, think twice before you take any action.
- Reach out to the company’s customer service directly for help and support.
- Never click on dubious links or attachments! Stick to official websites and apps.
- If you’ve accidentally revealed your PII somewhere, change your passwords immediately and inform your bank and/or other companies that scammers may contact them pretending to be you.
If you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.