Be careful, this SMS leads to a data trap!

This text message landed on the cell phone of a 68-year-old from Menden last week.

Shortly before, the man from Menden had ordered goods from a large online department store. Therefore, he thought the short message was real. He followed the link and ended up on a replica website. Both the domain and the appearance gave the impression that it was from Deutsche Post. He entered his personal information there including his credit card number.

On Saturday he began to suspect that it could be a fraudulent text message. He blocked his credit card and filed a police report online. It is not yet known whether any financial damage was caused.

Data is collected

In the current case, the perpetrators appear to have designed it to collect data. They demand a small “customs fee” of 2.99 or 3.99 euros. The link in the SMS leads to a page that is deceptively realistic, with the old “Posthorn” but in a yellow design with all kinds of information. Some links lead to the real DHL pages, others only produce an error message. However, entering the “tracking number” works. In the next step, the victims should provide their names, email addresses, telephone numbers, address and later their payment details.

Accounts or credit cards are not always actually charged. However, cyber criminals can use the data to steal identities or launch further phishing campaigns.

Smishing

Fraudulent SMS or messenger messages are not a new phenomenon. Derived from the abbreviation SMS and the word phishing (for the theft of access data), the term “smishing” has become commonplace. Especially since the Corona pandemic, fraudsters have increasingly been operating from home offices. They send messages to randomly selected cell phone numbers and keep developing new variants.

In 2021, countless victims followed a link in a package SMS to an Internet site that was apparently virus-infected. The fraudulent SMS messages were then sent from the victim's cell phone to their contacts - a type of dynamic chain letter. Because many people were increasingly shopping online during the pandemic and actually expecting packages, they were quickly seduced into clicking. The victims often only noticed it when they received their cell phone bill. In another smishing variant, shipping fees are charged or there were supposedly problems with the delivery of a package. The perpetrators use the names of practically all parcel services.

• The police warn against following such links. The message should be deleted.
• Under no circumstances should any apps or programs be loaded this way.
• If you want to prevent this, you should set up a third-party block with your cell phone network operator. This prevents additional fees from other services from being collected on your cell phone bill.
• Are you actually expecting a package? Compare the tracking number that may be provided in the SMS with that of your online sender.

And if it has already happened?

• Inform your bank or credit card provider and have your card blocked.
• Have you installed an app using this method? Switch your cell phone to airplane mode so that it can no longer receive commands from outside or send unauthorized text messages. Then reset your phone to factory settings. Private data may be lost.
• Change ALL passwords. Enable two-factor authentication on all accounts that support it.

Further information can be found on the website www.polizei-beratung.de . And here is a checklist from the Federal Office for Information Security (PDF) .

Source:

Press portal

Already read? Security on the Internet: 10 FBI rules for cell phones and computers