Do not click links in text messages that come from your own phone number

Posted:
in General Discussion
Users on Verizon's network have reported receiving text messages that appear to be sent from their own phone numbers. Here's why you shouldn't click those links.

Credit: Verizon


The messages notified the user that their bill had been paid and that they would receive a free gift if they clicked the included link.

The messages appeared as though they had come from the user's phone. Tapping the phone number in the sender's details would redirect to the user's own contact card.

These spam texts also contained phrases like "free msg," "bill is paid," and "gift" -- all of which are common phrases used by malicious actors. However, Alex Lanstein noted on Twitter that Verizon's spam protection systems have failed to block messages containing multiple of these phrases.

Cc @VerizonSupport you folks should be able to detect sms spam, spoofing my own vzw number, that spoofs your own bill pay messages. Doesn't take advanced #ai #ml pic.twitter.com/wjXXS8mYKR

-- alex lanstein (@alex_lanstein)


The Verge remarked that while iMessage on iOS offers a "Filter Unknown Messages" feature, these texts still managed to successfully breach the filter and appear on his iPhone.

Welch also noted that when he clicked the link in the message, it would take him to the website for Channel One Russia, a Russian state television site. Other affected users have reported being routed to similar Russian websites.

While the links in this most recent scam appear to be harmless, messages such as these often are part of "smishing" -- or SMS phishing -- scams.

Phishing scams are when malicious actors impersonate official communications and websites from otherwise reputable companies to trick users into entering their account credentials under the guise of official business.

These scams typically attempt to recreate the look of an official email or text communication coupled with a link to an external website. On the website, the victim would be prompted to enter their personal information, often their account name and password.

Any time you receive unsolicited texts, it is advised that you do not click the links within them. This includes texts from people you know, as many phishing scams will use compromised accounts to trick potential victims into clicking links.

Read on AppleInsider

Comments

  • Reply 1 of 8
    geekmeegeekmee Posts: 629member
    Only users still believing there is a ‘free lunch’ need to worry about these messages.
    watto_cobra
  • Reply 2 of 8
    crowleycrowley Posts: 10,453member
    What happens if you block your own number?
    fotoformatwatto_cobra
  • Reply 3 of 8
    badmonkbadmonk Posts: 1,265member
    As a Verizon customer, this just started for me 48 hours ago, though they are coming from multiple domestic numbers. In this day of Pegasus malware I would recommend not clicking on jack.
    watto_cobra
  • Reply 4 of 8
    itinj24itinj24 Posts: 49member
    Got one of these this morning for the first time. Thought it was an iMessage scam at first since it came from myself so I contacted Apple Support. They asked me where the link takes me.  I responded, ”I haven’t opened it.  You think it’s safe?”  Thank goodness they replied “no, don’t open it” lol.  Not like I was going to anyway…
    muthuk_vanalingamwatto_cobra
  • Reply 5 of 8
    I've gotten similar as an AT&T customer,.
    watto_cobra
  • Reply 6 of 8
    NYC362NYC362 Posts: 70member
    I've received about a dozen spam texts over the past few days.  

    The "Verizon" one was one of them, but also allegedly from Home Depot and messages telling me I had a package waiting for me.  I just keep adding the numbers to the block list on my phone.


    watto_cobra
  • Reply 7 of 8
    AppleZuluAppleZulu Posts: 1,934member
    Seems like this scheme as described should immediately fail several mental filtering tests.

    1) Don't click on random, unsolicited links.

    2) If you did not just send yourself a text message, then the text message received seemingly from your own number was probably not actually sent by you.

    3) Does the text received in #2 include a link? If yes, see item #1.
  • Reply 8 of 8
    badmonkbadmonk Posts: 1,265member
    And today I got one that originated from me…frustrating, the ones that originated from someone else for the prior 48 hours seem to be connected in some way.  Is this a corrupt way to bring hard currency support to the Russian government?
Sign In or Register to comment.