Sophisticated Scam Of The Week: Cell Phone Voucher



verizonThere's a fresh, well thought-out social engineering scam sticking up its ugly head right now. The bad guys are promising cell phone users amounts of up to $100 in vouchers using a combination of Caller ID spoofing and a fake website. The quality looks like it's the Russian cyber mafia behind it.

Here is how it works. You get a call, and the Caller ID looks like it comes from your cell phone company "Tech Support". The bad guys are targeting Verizon and AT&T, but watch out for variants using Sprint, T-Mobile and others.

It's a robo-call stating you are eligible to receive a voucher for your account. The amounts vary up to $100, and you need to visit the website to claim your voucher. The URLs look like legit phone company websites, and they are changing these URL all the time to evade filters. For instance, they promise you a $59 voucher and want you to go to "verizonvoucher59.com".

You go to the pretty real looking website, (it has stolen all the original phone company logos) and the site wants you to "Verify My Account" and enter your cellphone number, your ID / password and to add insult to injury, the last four digits of your Social Security number. But if you enter that info, you won't receive a voucher, but your risk of identity theft has skyrocketed.

This Scam's Red Flags:

1) Spoofed Caller ID. (Do not trust the Caller ID you see on -any- call).
2) The URL is made to look like the real phone company but isn't.
3) Never act on incoming calls like this, call the company at the 800 number on their website to verify.

And oh, while we are at it, there is a very aggressive Netflix scam doing the rounds too. It starts with a fake Netflix site that states they detected unusual activity on your account, and to call Member Services at an 800-number. You call, a live person answers, and the scammers install spyware; request a photo of your ID and credit card, and at the end of the session the "agent" attempts to charge $400 – minus a "discount"...yeah sure. Here is the video, very interesting to watch and be warned:
http://vimeo.com/88296385#at=0




Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews