EN
This article is from Trend Micro.
Disguising themselves as big recognizable companies, scammers will try to lure you into clicking on phishing links they include in text messages and emails, aiming to steal your personal information.
The phishing links can lead to fake online survey pages that state you can claim a gift by completing an online questionnaire. After you fill out the survey, you are prompted to enter credit card numbers before your “gift” can be delivered.
Or, in other instances, the links take you to fake log-in pages impersonating various brands, featuring fake online application forms. These pages require you to submit log-in credentials to view your delivery status, change your settings, or do whatever else the scammers have said that you need to do.
Scammers can record all the credentials you enter on these pages and use the data to commit cybercrimes. For example, they could hack into your account and withdraw your money, and even use your information to commit identity theft. Don’t let them!
As the holiday season approaches, many brands start holding giveaways or raffles to celebrate, but scammers also do — although they’re for their own good, not yours! They pose as famous companies and falsely claim there’s a giveaway or that you’ve won a prize in their raffle, prompting you to click on the attached phishing link. Here are some examples we’ve spotted this week:
(1) Home Depot Giveaway SMS Phishing
(2) GroupMe Raffle
These types of raffle scams don’t only happen via text messages though. They also circulate via other communication services such as WhatsApp, Facebook Messenger, or GroupMe.
In this latest GroupMe raffle scam, scammers tell you that you could have a chance to win some super expensive products like Apple iPad Pros and Apple TVs to try to trick you into clicking on the phishing link:
Once clicked on, the link will take you to a fake GroupMe page that hosts an online survey:
As mentioned above, after you finish the questionnaire, you are guaranteed a gift and asked to enter personal information to get it:
Before you can receive the gift, you have to pay for the delivery by entering credit card information. Don’t fall for it!
(3) iPhone 13 Raffle Scam (Walmart/Amazon)
iPhone 13 news has been really hot these past few weeks, but so have fake iPhone 13 raffle campaigns! Have you come across anything similar?
Your support means the world to us! Thanks for being an awesome client. Please help us serve you better here and claim our gift: <URL>
Scammers pretend to be collecting customer feedback, and try to lead you to a fake online survey page:
And you already know what will happen next! Don’t enter any banking details!
The same tactics apply to fake Walmart lucky draw campaign scams featuring iPad Pros. Below is the scam SMS content and an example of what the phishing pages look like:
jeanette, this is our final reminder: your ipad pro will be passed on to another lucky customer next monday. act now: <URL>
Lastly, scammers also embed phishing links in emails to try to trick you with fake raffle campaigns. For example, we’ve detected a lot of bogus raffle emails from Amazon that say you’ve won an iPhone 13:
Just like in the other cases, the button here will take you to a phishing page (perhaps a fake Amazon log-in page). Don’t click on anything!
Would you be nervous to see security alerts from your bank? Don’t panic and check first! The SMS notifications are often SCAMS! Scammers pose as banks and send you phishing links, asking you to visit the links to resolve made-up security issues with your bank account.
Once you click, you will be taken to a fake log-in page. If you enter your details, scammers will use them to gain access to your bank account! Here’s a list of impersonated banks:
(1) Wells Fargo
1 of 3 frm:wells fargo subj:activity verification alert msg:wells fargo: due to unusual activity, we have placed a temporary hold on your online (con’t) 2 of 3 banking. to remove this hold , kindly verify your identity into details with the link provided here .<URL>
(2) Citizens Bank
citizens alert: we’ve blocked your online banking due to suspicious activity. login to regain access – <URL>
(3) Chase Bank
citizens alert: we’ve blocked your online banking due to suspicious activity. login to regain access – <URL>
Have you ever received a package shipping notification that looks suspicious? Yeah, you need to be extra careful, especially when it’s near the holiday shopping season and everyone will be expecting packages!
We’ve written about package delivery scams before, and now a new wave of SMS phishing scams from scammers posing as USPS and FedEx are out to exploit you:
(1) USPS
We have found a package for you from August. Confirm delivery here: <URL>
The phishing links in fake USPS text messages will take you to an online survey page where you will eventually be asked to provide credit card information:
(2) FedEx
In a FedEx delivery scam, scammers lead you to a fake FedEx log-in page where you might have your personal information like your home address leaked:
A few weeks ago, we reported on fake LinkedIn email job search scams, and now these fake emails are popular again:
The button will take you to a phishing LinkedIn log-in page. Again, all the sensitive data you submit will be exposed to scammers!
Fake DocuSign email notifications are also regularly reoccurring. Posing as DocuSign, scammers send you an email and request that you review or sign an unknown invoice via the embedded button:
DON’T. As we’ve emphasized hundreds of times, the button takes you to a phishing page. And in some cases, malware will start to download once you click!
1. After you’ve pinned the Trend Micro Check browser extension, it will block dangerous sites for you automatically:
2. Send links or screenshots of suspicious text messages to Trend Micro Check on WhatsApp for immediate scam detection.
Don’t forget to add an extra layer of protection to your device with Trend Micro Maximum Security! It includes Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection to help you combat scams and cyberattacks. Click the button below to give it a try:
Did you successfully spot the scams? Remember, always CHECK before giving out personal information. If you found this article helpful or interesting, please SHARE it to help protect your friends and family!
