https://whitelabel-manager-production.ams3.digitaloceanspaces.com/thumbs/atop001-11146.png_800x.png
January 10, 2022
Author: Trend Micro

Top 5 Phishing Scams: MetaMask, Verizon “Itemtracking”, AT&T “Bill Paid,” & Amazon Gift Card Giveaway

This article is from Trend Micro.

Phishing scams have for a long time been one of the scammer’s favorite tactics to trick you — in which (impersonating famous brands) they send out fake text messages and emails containing phishing links and aiming to entice you into opening the malicious links with various excuses and fake offers.

The phishing links lead to online survey pages that state you can claim a gift by completing an online questionnaire. After you fill out the survey, you are prompted to enter personal information, such as credit card numbers, before your “gift” can be delivered. In other instances, the links lead to fake log-in pages that seem to belong to various brands. These pages require you to submit log-in credentials to check package deliveries, change settings, or whatever other tasks they’ve prompted you to complete.

The scammers’ ultimate goal is to steal your information — they will record sensitive information you enter on these fake pages and use the data to commit cybercrimes: e.g., hack into your bank account, withdraw money, or steal your identity. Don’t let them!

1. Fake MetaMask Security Alert Email

Have you started your cryptocurrency investment? Many people have chosen MetaMask to make transactions, but please be careful and think twice every time before you click on any links and enter your log-in password. This week we’ve detected many fake MetaMask security alert emails that falsely claim your MetaMask wallet is going to be suspended for some security issue:

atop002-5ae8b.png

To retrieve your wallet, you are prompted to click on an embedded link in the email to verify your account. The link then takes you to a fake MetaMask website – again, if you submit credentials like a seed phrase, scammers can hack into your MetaMask wallet and transfer every “bit” away. What’s worse, since cryptocurrencies are decentralized, it would be nearly impossible to get them back! Watch out!

Note: the fake MetaMask website looks nearly 100% identical to the genuine one. Please take a look at the web address carefully – the legitimate domain of MetaMask should be metamask.io!

atop003-89fe7.png

Real MetaMask Website:

atop004-4e4f3.png

You can use Trend Micro Check to check if a website is secure and browse the web safely: (It’s free!)

atop005-2c1e0.png a:0:{}

Trend Micro Check is an all-in-one browser extension for detecting scams, phishing attacks, malware, and dangerous links – and it’s FREE!

After you’ve pinned Trend Micro Check, it will block dangerous sites automatically! It is now available on Safari, Google Chrome, and Microsoft Edge.

Check out this page for more information on Trend Micro Check.

2. Verizon Parcel Tracking Scam (itemtracking[.]net)

We’ve reported on package delivery scams before, including DHL, FedEx, and USPS variants. This week there is a new version telling you to check the shipment address for your pending package:

  • Parcel Tracking: Hi, your package with tracking code TX357Z46 is waiting for you to check the shipment address: <URL>
atop006-ae831.png a:0:{}

Source: News4JAX

The links in these fake text messages may vary, but most of them will direct you to itemtracking[.]net. This is a scam website, designed to look convincingly like Verizon’s official webpage, saying that you can win a gift (like a free iPad) if you fill out an online survey form and enter financial credentials – these will all end up in scammers’ hands!

3. Verizon “Bill Paid” Text Scam

Besides fake delivery messages, many people have also received ones that say you can get a gift via an attached link because you’ve paid your bill for November:

  • VZN Free Msg: November bill is paid, Thanks, Here’s a little gift for you: <URL>
atop007-64c4b.png a:0:{}

Source: Reddit

Again, the link is a phishing link. If you click on the button, you could end up exposing your personal information!

4. AT&T “Bill Paid” Survey Scam

There is an AT&T version of the “November bill paid” scam, and it is also reoccurring:

  • ATT Free Msg: November bill is paid. Thanks, Here’s a little gift for you: <URL>

The attached link will take you to a fake AT&T online survey page that grants you a free Smart Health Watch:

atop008-bb9fc.png

As mentioned above, you will be asked to enter credit card information. (Of course, don’t do so!)

atop009-43586.png

5. Amazon Survey Scam

“Win a $1,000 gift card!” We’ve seen many gift card giveaway scams, and now they’ve come in as phishing text messages this week:

  • Amazon Notification! Wayne! We’re offering a free credit for a Amazon $1,000 gift card today. ACT NOW: <URL>

To claim the free gift card, you have to click on the phishing link and do an online survey:

atop010-cafad.png

In the end, you are asked to enter credit card information for your reward – and you know what will happen: no gifts will ever appear, and your credentials will eventually arrive in a scammer’s pocket!

atop014-8cc2f.png

How to Protect Yourself

  • Double-check the sender’s mobile number / email address.
  • Free gifts or prizes are always a major red flag.
  • Always go to the official website / application instead of using links from unknown sources.
  • Browse the web safely with Trend Micro Check
  • Add an extra layer of protection to your device with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. 

Click the button below to give it a try:

As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE  with friends and family to help keep the online community secure and protected.

About Us Check Yourself Contact Disclaimer
Developed By: scamadviser-logo