This week, we’ve found lots of scams in which scammers are impersonating famous brands, including USPS, Amazon, iPhone Giveaway, and more. Would you have been able to spot all these scams?
Impersonating trusted brands, and under a variety of pretenses, scammers love to spread phishing links via text message or email that lead to phishing sites designed to steal your personally identifiable information (PII): bank log-in details, email address, Social Security number, credit card number, and more. With these credentials, scammers can commit a variety of cybercrimes, including identity theft.
In most cases, the phishing pages will be disguised as fake log-in pages, where all your log-in credentials and other data will end up in the scammers’ hands. For example, they often pose as delivery companies and trick you into providing your PII.
Fake USPS Tracking Pages (upspro[.]wiki / tools-usps[.]work)
This is not the first time we’ve reported on USPS scams. Falsely claiming that you have a package on hold and that you have to confirm delivery details, scammers prompt you to click on the attached link:
- The USPS package has arrived at the warehouse and cannot be delivered due to incomplete address information. Please confirm your address in the link. hxxps://wwwupspro[.]wiki (Please reply to 1, then exit the SMS, open the SMS activation link again, or copy the link to Safari browser and open it) The US Postal team wishes you a wonderful day!
If you follow the instruction, the link will lead you to a fake USPS tracking page that asks for your home address, phone number, email address, as well as other PII. Don’t fall for it! (Note: the web address of the legitimate USPS tracking page should be: tools.usps.com.)
URLs of sample fake USPS tracking websites:
An Easy Way to Stop Scam Texts for FREE
Always double-check the web address of the website to see if it’s legitimate. The easiest way to avoid scams is to NEVER click on links from unknow sources. To stay protected, you’ll want to check out Trend Micro Check — our 100% FREE mobile app that blocks scam and spam texts from entering your inbox.
Not only will it block unwanted texts, but Trend Micro Check can also keep you safe from malicious links on all your messaging apps (WhatsApp, Telegram, Tinder, etc.) and shield you from dangerous sites as you browse the web. Download today for free (available for Android and iOS).
Amazon Phishing Texts
This year’s Amazon Prime Day just passed, and there were many Amazon-related scams — with more popping up in the last few days:
- Amazon_SMS Warning: Your annual account fee is currently past due. Pay now: <URL>; or you will be fine. Ref code: 952797
Using the excuse of having to make a payment to resume your amazon account, scammers will attempt to lead you to a fake Amazon log-in page. (The URL of the genuine Amazon page should be amazon.com.)
You will be asked to submit credit card info as well as other PII — as you’ll know by now, scammers will be able to gain access to the credentials you’ve typed. Don’t let that happen!
NatWest Phishing Emails
We’ve reported on fake NatWest emails before, and this week there’s a new wave — have you seen this one as well? Pretending to be from NatWest, scammers send you fake security notification emails with the aim of scaring you into running a security check via a fake harvesting page.
The link will take you to a fake NatWest log-in page. Don’t click or submit anything!
In other cases, using free gifts and other rewards as an incentive, scammers will take you to fake online survey forms — again, these are phishing pages where you’ll end up exposing your PII.
iPhone/iPad Survey Scams
Who doesn’t want a free gift? But when a random text comes with too-good-to-be-true offers, you’re better off ignoring it. Last week we saw over 10,000 fake iPhone/iPad giveaway text messages:
- Our sincere apologies for the interruption of your services this weekend, Robert! Here is a compnsation from us: <URL> Thanks once again!
- <NAME>, we have now tried to contact you several times regarding your TV. Read more here: <URL>
- Hello <NAME> we have made multiple attempts to contact you regarding your item. Please visit the link for more information: <URL>
Just as we’ve stressed several times, these links will take you to a fake webpage disguised as a questionnaire, which says you can win a gift after completing it.
Tips to Stay Safe Online
- Double-check the sender’s mobile number and email address. Even if it seems legitimate, think twice before you take any action.
- Free gifts are a red flag.
- Only use official websites and applications. Never click on dubious links!
- Check if any of your PII has been leaked and secure your social media accounts using Trend Micro ID Protection.
- Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.
If you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.