Xblgo[.]com, X (Twitter) Phishing, and Lowe’s Texts: Top Scams of the Week

    Xblgo[.]com scam
    Pexels

    This week we’ve seen various scams targeting your personal and financial data. The top scams involve bogus inquiries about Xbox consoles and fake texts and emails with scammers impersonating X (Twitter) and Lowe’s. Keep reading to learn how to recognize these scams and protect yourself.

    Xblgo[.]com Scam

    Are you an Xbox player? If you’ve received inquiries about buying your Xbox console, be careful, these messages are scams!

    The senders offer to purchase your Xbox console, mentioning that its value shown on a website called xblgo[.]com is high and instruct you to reach out if you want to sell it:

    xblgo scam_message
    Sample Xbox scam message featuring xblgo[.]com. Source: Reddit

    The message is a scam, and the website is a phishing page designed to steal your personal information! If you visit the website, you could end up exposing your credentials, including your email address, Xbox account login details, linked payment information, and so on. Scammers can thus gain full control of your account and potentially sell or leak your data on the dark web.

    xblgo scam_fake xbox website
    Sample fake Xbox website: xblgo[.]com

    Similar scam messages, with a slight difference in the link and the scammers’ contact information, have been spreading too. But the end goal is the same: to lure you into giving out all your credentials.

    xblgo scam_xbcost message
    Sample Xbox scam message featuring xbcost[.]com. Source: Reddit

    Safety Tips:

    • Never click on links from unknown sources.
    • Check the web address — does it belong to Xbox (xbox.com)?

    Fake X (Twitter) Login Alert

    What would you do if you received a login alert notification from X (Twitter)? You should always check before you take any action — the alert might be fake.

    Scammers are out there sending fake email notifications, falsely claiming that there was a login attempt on your X account.

    Fake X Twitter login alert
    Fake X (Twitter) login alert. Source: Reddit

    The email guides you to either request a password change or report the unknown user via the link attached. Wait! It’s a scam!

    The links lead to a fake X login page that, again, will record any credentials you submit. Scammers can thus take control of your X account and lock you out. Beware!

    Safety Tips:

    • Check the sender’s email address. Legitimate X emails should always come from @X.com or @e.X.com.
    • Go to the X app or X.com directly to check if there was a login alert.

    Fake Lowe’s Texts

    Scammers are creating fake texts and websites to pose as trusted brands to exploit people. For example, we detected and blocked 1,127 texts impersonating Lowe’s last week:

    • Lowe’s Order Updates: We’ve received your order #<PHONE>00000000, we’ll notify you as soon as it’s ready. Click <URL> for order details. Reply STOP to opt out.
    • Item(s) for order #<PHONE>00000000 have been delivered – thanks for shopping with Lowe’s. Let us know how we did: <URL>
    • Lowe’s Order Updates: Your Order #<PHONE>00000000 is ready for pickup in a locker. We’ll see you soon at our store! Click <URL> for order details. Reply STOP to opt out.

    From order confirmation texts to delivery notifications, scammers make up excuses to prompt you to click on the attached link to see details of the fictional order.

    The links will take you to a fake Lowe’s website or a bogus package tracking website. Why? Well, again, their ultimate goal is to steal your personal information, such as your credit card number or other financial details, with which scammers can commit other crimes, such as identity theft.

    Safety Tips:

    • Check if the website is legitimate (lowes.com).
    • Instead of using the attached link, go directly to the legitimate website via a search engine.

    Security Tips: How to Avoid Scams

    Remember these key points to protect yourself from phishing and smishing scams:

    • Be Skeptical: Treat unexpected texts and emails with suspicion, especially those requesting personal or financial details.
    • Avoid Clicking on Links: Don’t click on links unless you’re certain they come from a trusted source.
    • Verify the Source: If a text or email claims urgent action is needed, verify its authenticity by contacting the institution directly.
    • Use ScamCheck: The newly updated Trend Micro ScamCheck can protect you from all kinds of scams. See below for more information.

    Protect Yourself Against Scams with ScamCheck

    With the sheer number of scams and scammers that are out there, staying one step ahead is more crucial than ever. Introducing the newly updated Trend Micro ScamCheck! Available for both Android and iOS, ScamCheck offers comprehensive protection from phishing and smishing scams, spam and scam text messages, deepfakes, and more:

    • SMS Filter & Call Block: Say goodbye to unwanted spam and scam calls and messages. Minimize daily disruptions and reinforce your defenses against phishing.
    • Scam Check: Instantly analyze emails, texts, URLs, screenshots, and phone numbers with our AI-powered scam detection technology. Stay secure and scam-free.
    • Deepfake Scan: Detect deepfakes in real-time during video calls, alerting you if anyone is using AI face-swapping technology to alter their appearance.
    • Web Guard: Surf the web safely, protected from malicious websites and annoying ads.

    To download Trend Micro ScamCheck or to learn more, click the button below.

    If you’ve found this article an interesting or helpful read, please SHARE it with friends and family. Also, please consider clicking the LIKE button below.

    Post a comment

    Your email address won't be shown publicly.

    0 Comments

      This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.