Citibank, Wells Fargo, Chase, MetaMask, T-Mobile, Binance, and Costco — Top Phishing Scams of the Week

This article is from Trend Micro

This week we’ve found a large number of scams that you need to watch out for, including ones relating to Citibank, Wells Fargo, Citizens Bank, Chase, MetaMask, T-Mobile, Binance, and Costco. Would you have been able to spot all the scams?

Phishing scams are one of the most commonly used tactics by scammers. Conventionally, while impersonating famous brands, they send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies.

In such phishing schemes, the links will take you to fake log-in pages that appear to belong to various brands. These pages require you to submit log-in credentials to download a software update, change account settings, or whatever other tasks the scammers have asked you to complete.

Bank Phishing

Recently we’ve detected a lot of fake “security alerts” from well-known banks, including Citibank, Citizens Bank, Wells Fargo, and Chase.

Falsely claiming that there are safety issues with people’s bank accounts, scammers prompt potential victims into clicking on malicious links that lead to fake login pages of the impersonated banks.

Citibank

Source: Reddit

• [Notice]: Your CITI debit has been clocked due to unusual activities.Confirm your details at <URL>
  Citibank:
• We detected unusual activity in your account. please follow this link <URL> to verify your identity

Citizens Bank

• Citizens Bank: We have temporarily locked your Citizens Card due to unauthorized transactions. To unlock, verify now – <URL>

Wells Fargo

• Important Notice From WELLS FARGO! We detected a login from a new device! If this was you, Kindly disregard this sms.If not click <URL> to secure now!.B

Surf the web safely with Trend Micro Check (it’s free!)

Trend Micro Check is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

Check out this page for more information on Trend Micro Check.

MetaMask Phishing

Since more and more people have become interested in cryptocurrencies and NFTs, scams relating to these two topics have been everywhere. We’ve seen way too many MetaMask scams, and this week they’ve been circulating via text message and email:

MetaMask Scam Emails

Source: Reddit

MetaMask Scam Text Messages

your wallet is missing some info that we need to comply with financial regulations. as a result, all transactions on your wallet are now restricted. follow the link: <URL> to verify it. – reply stop to opt-out
 
The links in these scam messages will take you to a fake MetaMask website:

If you submit credentials like your recovery phrase onto the fake site, scammers can hack into your MetaMask wallet and steal all your crypto. What’s worse, since cryptocurrencies are decentralized, it would be nearly impossible to get them back! Watch out!

Binance Phishing Text Scams

In February we reported on Binance text scams, and recently we’ve detected a new wave of them:

•  
  [binance]withdrawal code: 789367. if this was not you, please cancel here: <URL>
   

Falsely claiming that there has been a withdrawal attempt on your account, scammers trick you into clicking on the phishing link that leads to a fake Binance log-in page. Scammers can record all the data you submit here — be careful!

Besides fake login pages, the links, in other instances, will lead to online survey pages that state you can claim a gift by filling out an online questionnaire. After you complete the questionnaire, you are prompted to enter credit card details before your “gift” can be delivered. Here are a few examples:

T-Mobile Phishing

We’ve reported on scams targeting T-Mobile customers several times before, but now some new versions have appeared, circulating via text message and email. Did you receive any?

T-Mobile Scam Text Messages

By promising you a free gift, scammers try to lure you into clicking on the embedded link in the text:

•  
  Your New DeIivery-TIme; 5:00PM on 4/18; <URL> Stop to end

The link will take you to a fake online survey page where you could end up exposing your personal information — everything you submit there will end up in the scammers’ hands, and they can use it to commit identity theft.

T-Mobile Scam Email

“This is your chance to receive a reward!” Scammers use various excuses to try to lure you into clicking on the phishing link embedded in the scam email, trying to get you on their fake T-Mobile survey page. Again, you could end up exposing all your sensitive credentials:

Here are some other examples of the subjects of these T-Mobile scams.

Costco Survey Scam

Costco is one of the most impersonated brands. We’ve written about several Costco survey scams before, and this week they’ve gone viral again:

• Costco wanted to invite you to our April|April.|April,} 2022 Poll. Everyone that completes this by April. 18 2022 will claim a complimentary reward. <URL>

If you fall for one of these survey scams, in the end, you will have to provide your credit card number, its expiration date, and even the CVC code to get your (non-existent) gift delivered. Don’t get scammed!

How to Protect Yourself

• Double-check the sender’s mobile number/email address.
• Be suspicious of free gifts and prizes.
• Always go to the official website/application instead of using links from unknown sources.
• Never click on links or attachments from unknown sources. Use Trend Micro Check to surf the web safely (it’s free!).
• Add an extra layer of protection to your device with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:

As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.