Az elmúlt két hétben kaptam nyereményeset és csomagosat is, hivatalos értesítési számokról spoofolva. Korábban nem kaptam ilyeneket.
iPhone, titkos szám.
Anyone else seeing this behavior? We are seeing waves of cases where someone is pretending to be our CEO and sending phishing emails to staff's work addresses but also their personal email addresses and in some cases text messages to them on their personal phone numbers. These personal emails and phone numbers aren't at all listed in company directories, their signatures, etc. My theory is they are siphoning off the personal details off a compromised job board (Monster, Dice, etc) account but I can't prove it.
Hi all, I got this SMS about "unusual activity" and like a dummy without checking, I clicked the link which went to
directingfwd91.ddns.net
It has a Citi login page. When I opened it up I knew right away it was a phishing scam, but my big question:
Did I just F up by clicking this link? How can I check if I opened up a teojan horse on my mobile phone?
[EDIT: any key steps I should taking as a precaution?]
Thanks everyone. Stay safe and Happy New Year.
Heads up for new SMS / text phishing campaign sent to ledger-leaked phones
I just received this phishing text message:
MetaMask Update - Due to pressure from regulators and the necessity for KYC, we require all MetaMask users to revalidate (please act prior to 2022): https://metamask.io-swap.app/
Ciao a tutti, in questi giorni stavo aspettando un sms dalla banca e proprio oggi ne ho ricevuto uno di phishing in cui si fingevano proprio la mia banca con testo contenente più o meno indicazioni su quello che mi sarei aspettato dal vero messaggio. Il problema è che all’interno c’era anche un link che portava a una finta versione del sito della banca. Rischio qualcosa se ho solo aperto (per sbaglio, dalla fretta) il link senza inserire nessun dato?
Questa mattina ho subito un classico tentativo di phishing via SMS.
Tutto nella norma: caps-lock, toni allarmistici, e shortened link che rimanda ad un dominio palesemente fake.
La cosa che mi ha stupito è che il messaggio sia comparso nel medesimo thread in cui ricevo normalmente informazioni dalla banca. Proviene quindi, o almeno così pensa l'app Messaggi di Android, dallo stesso mittente "autorevole" che la banca usa per comunicare. Ovviamente, al mittente non corrisponde un numero di telefono, ma semplicemente il nome della banca usando il meccanismo di SMS alias.
Qualche idea su come questo sia stato possibile?
Hello everybody! I am usually super aware of tech risks and super obsessed about safety and security online, so I don’t know how I could do this. I am waiting for a small package and I received an sms asking me to trace a package - I clicked on the link automatically, before realizing it was a scam. I clicked on the link that brought me to a website that my phone didn’t even open, saying it was a security threat. I have a specific service on my iPhone from Vodafone that alerts me of malware and protects me from it. The service didn’t even allow for the website to open, and sent me a notification that it protected me from potential malware. I literally closed the website after half a second. I have an iPhone 12, not jailbroken, updated to iOS 14.7.1, and with 2FA on almost everything I can think of (social media, banking apps, email accounts). Am I exposed to some kind of risk? Or am I just being paranoid?
Ja, Titel hört sich erstmal sehr blöd an. Deswegen bitte den ganzen Text lesen.
In letzter Zeit werde ich vermehrt von irgendwelchen zufälligen Nummern per SMS angeschrieben, dass mein Paket bei DHL endlich unterwegs ist. Das ganze sieht ungefähr so aus. Dabei handelt es sich natürlich offensichtlich um einen Phishing-Link, der euer Handy mit einem netten Virus befällt, wenn ihr auf den Link drückt und euch die "DHL-App" runterladet (Spoiler: Es ist nicht die DHL App).
Zudem ist dieses Virus extrem gut gemacht und für den nicht so computeraffinen Menschen kaum zu durchschauen. Das Problem daran ist nämlich, dass wenn man befallen ist, die Schadsoftware anfängt, an irgendwelche Nummern die SMS mit dem Link weiterzusenden (so ähnlich wie ein Kettenbrief). Nicht mal an eure Kontakte wird die Nachricht gesendet, sondern an zufällig generierte Nummern. Diese SMSs können natürlich sehr hohe Kosten verursachen, wenn man keine SMS Flat hat, da wahrscheinlich extrem viele Nummern ausprobiert werden. Der Haken an der ganzen Sache ist: Der befallene Smartphone-Nutzer merkt davon nichts. Die SMS werden heimlich im Hintergrund gesendet und wahrscheinlich auch jede Menge Daten der Nutzer abgegriffen.
Diese SMS Geschichte war vor einer Woche schonmal hier und wie man in den Kommentaren lesen konnte, verhalten sich die Meisten eigentlich richtig: Blockieren und Ignorieren. Aber solange ihr nicht auf den Link draufdrückt, kann eurem eigenen Handy nichts passieren. Ich habe aus reiner Langeweile schon ein paar Nummern angerufen, welche mir diese SMSs schicken und ich hatte fast immer den selben Gesprächspartner: Ü50, meistens Rentner, keine Ahnung von Technik und allgemein mit der Situation überfordert. Ich habe allen davon geraten: Jemanden aufsuchen, der sich damit auskennt und das Handy schleunigst zurücksetzen.
Ich hoffe, dass ich so etwas die Ausbreitung des Virus eindämmen konnte (haha, Lockdown Anspielung). Und erzählt bitte auch euren älteren Freunden und Verwandten, dass sie generell keine Links mehr per SMS mehr öffnen sollten. Denn das Problem ist, dass ich immer mehr von diesen SMS bekomme. Gestern drei und heute sogar schon fünf. Wie weit es sich ausgebreitet hat, will ich mir gar nicht vorstellen. Deswegen NoCovid und NoSMSPhishing.
Hello my fellow Apple-users,
today I got a sms from the same Apple sender that sends me codes for my 2-factor-Authentification.
“Dear Customer, Your lost iPhone XS Max been found and temporarily switched ON.View location: https://findmy-maplocation.live/MjeBUq Apple Support.“
After seeing the grammar errors of this sms and the grammar of the website I contacted the Apple Support to make sure this link is legit.
They told me it is therefore I entered my icloud-information and the code of the lost phone. A few minutes later the phone vanished from my Apple-id and I cant track it anymore.
I contacted the support again and they told me it’s a fake website. -.- claps
Now I feel very mad because I trusted the support.
I hope you won’t be as dumb as me.
Cheers
Scammers send text messages with phishing links impersonating the National Health Service (NHS) in order to exploit people. They use various excuses to persuade you to click on the links.
https://preview.redd.it/fld20gs1qkp71.png?width=429&format=png&auto=webp&s=77527731bfc215491c43911c261abaf5f981b6f9
https://www.antivirus.com/2021/09/23/dont-fall-for-the-latest-nhs-sms-phishing-scam/
Use a password wallet with non reoccurring passwords. Especially if you were involved in that Say database.
Check your phones weaknesses by researching/DDing it and your service provider's intrusion.
Doing a factory reset and updating the system may be your only option to get rid of the malware.
(If you notice apps opening by themselves, sluggishness, repetitive screen stalls, forced restarts.
Uninstall all apps that you don't use or don't have a large parent company providing you a terms of service or security information.
Do you guys have a department that actively goes after phishing scams? I just got a text message teeling me I signed in from a new device, and if I didnt to click the link. but the link is wrong (.net ending) and further suspicion the b doesnt look like a real b, but another character map character that looks like. b with a bent top part
Hallo!
Ich bekomme seit ein paar Tagen regelmäßig SMS von österreichischen Handynummern mit Nachrichten wie "Your package with UPS has failed", "Die von Ihnen gekaufte Ware wurde versendet" usw. mit komplett offensichtlichen Phishing-Links am Ende der Nachricht.
Bekomme die nur ich plötzlich? Ich habe meine Nummer nirgendwo neu angegeben und bin da sehr vorsichtig - wieso bekomme ich diese Nachrichten plötzlich?
LG
There have been a spate of blanket phishing attempts by SMS that steal username, password of bank accounts. It's very important for people to share screenshots of such attempts to family to educate them.
Hope these screenshots help.
