This week we’ve found phishing attempts in which scammers are impersonating T-Mobile, the IRS, Apple, and USAA. Would you have been able to spot these scams? 

Phishing Scams

Are you sure that link you’re gonna click is legitimate? If you’re not 100% sure, just DON’T click.

Impersonating trusted brands, scammers send out texts and emails containing links that take you to phishing pages. These pages are designed to record your PII, such as your Social Security number, login credentials, or credit card details. With it, scammers can gain control of your account and steal your money as well as your identity.

To lure you into clicking on the links, scammers come up with various pretenses. For example, they may offer you an exclusive reward and ask you to take an online survey. Or, they might warn you of some bogus security issues with your account. Whichever tactics they use, their ultimate goal is to access your PII.

T-Mobile Rewards Scam

“Take Survey and Claim Reward!” We’ve reported on a series of phishing attempts impersonating T-Mobile before, but scammers just don’t seem to ever stop. Last week Trend Micro detected and blocked this fake T-Mobile reward email 6,900 times:

If you take the bait and click on the button, you will be led to a fake T-Mobile survey page and promised an exclusive reward. However, you won’t receive anything, and you could end up exposing all your PII. Be careful!

Protect Yourself from Scams

The truth is, there are lots of scams and scam sites on the internet and they’re getting even more difficult to detect with common sense alone. However, for an easy and reliable method of detecting and avoiding scam sites, check out Trend Micro ID Protection.         
 
ID Protection can shield you from scams, fake and malware-infected websites, dangerous emails, phishing links, and lots more! If you come across something dangerous online, you’ll be alerted in real time so you’ll know to stay well clear.        

IRS Tax Scams

Besides the fake IRS texts we saw a few weeks ago, scammers seem to have been updating their tricks. The 2024 tax season has started, and we keep detecting different phishing emails posing as the IRS:

#1 – Fake Tax Assitance Program

Falsely claiming that you can join an assistance program to help reduce your taxes, scammers instruct you to click on the embedded button:

This button will direct you to different scam websites randomly. Below is one of the websites you could end up on (a gambling website):

No matter where they take you, you won’t be able to deduct a cent of your taxes, and you could even get scammed out of extra money or PII on these scam sites. Don’t let that happen!

#2 – Fake 2023 Unpaid Taxes Notification

Scammers also pose as the IRS and tell you that you still owe them taxes for 2023. In the fake email, they attach a file for you to review, but it is a malicious file. Don’t click!

Fake USAA Security Alert

What will you do if you see a notification about changes made to your account that you don’t recognize? First, before you take any action: is this notification genuine?

We’ve reported on such fake security alerts impersonating USAA before, and this week we detected a new version 1,247 times:

Tricking you into thinking that your account might have been breached, scammers tell you to restore your account using the attached link. It will then lead to a fake USAA login page where scammers can gain access to all your login credentials and thus take over your account:

Sometimes the copycat website and the official one can look alike, and it can be hard to differentiate which is which. Note: Check the web address! The domain of the legitimate USAA website is usaa.com

Fake Apple ID Security Alert

Similar to the USAA security alert, scammers also often pretend to be from Apple and send you fake Apple ID alerts, trying to get you to click on the phishing link. This week we blocked this fake Apple ID alert 562 times:

Note: Check the sender’s email address. A legitimate one will end with @apple.com or @icloud.com, according to Apple.

If you click on the button, you will end up on a fake Apple ID login page:

If you were to submit your Apple ID and password, scammers can steal these credentials and use them for their own good. They will gain full access to your Apple ID, reset the password, and lock you out. They can even steal all the private data stored in your iCloud. Don’t let them!

Tips to Stay Safe Online

• Double-check the sender’s mobile number and email address. Even if it seems legitimate, think twice before you take any action.    
• Reach out to the company’s customer service directly for help and support.
• Never click on dubious links or attachments! Stick to official websites and apps.
• If you’ve accidentally revealed your PII somewhere, change your passwords immediately and inform your bank and/or other companies that scammers may contact them pretending to be you. 
• Check if any of your PII has been leaked and secure your social media accounts using Trend Micro ID Protection.   
• Finally, add an extra layer of protection to your devices with Trend Micro Mobile Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.  

If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.