eCommerce has made it much easier to sell, and of course, it has also brought with it a considerable increase in shipments, something that has also made the attempt to sell, especially in these Christmas seasons of high sales, and despite the fact that many of us are attentive to signs of these potential scams, currently is facing a new variant that is somewhat more complex and massive, via smishing.
The false MRW SMS that tries to defraud users by taking advantage of personal data
The same that in recent days has suffered an identity theft attack. According to the MRW report, fraudulent messages are circulating using the name and brand of MRW through SMS, email messages and images that request an advance payment or contain links to potentially misleading web pages where users could share sensitive data.
🚨 Alert! Possible fraud via SMS using the name of MRW.
Messages that are likely to be a fraud are circulating. We remind you to take into account the considerations of the link to our website:
– MRW Spain (@mrw_es)
This type of attack is nothing new, and in fact it could have gone unnoticed if it weren’t for the fact that the messages include sensitive user information, such as the names of both the user and the store where you purchased, as well as the identifier that was assigned to your shipment.
According to , Incibe, “A smishing campaign has been detected impersonating the MRW company through SMS. The campaign detected in the SMS urges the user to pay the shipping costs to receive the alleged package through a malicious website that impersonates MRW.
The message reaches users who are waiting for a shipment from MRW, with a template that indicates:
«Dear (customer name), you must pay the cost of shipping (shipping number) from (store where the purchase was made). You can do it (fraudulent website).”
a message where all data matches perfectly as indicated by the same users who have received the SMS that may contain variations in the text, everything except the page to which it indicates to enter which has supplanted MRW in detail, and in which a payment of 0.99 euros is requestedwhich intends not only to steal this sum from those who fall into the trap, but also the users’ banking credentials.
what is smishing
You are probably more familiar with the term , by which cybercriminals they try to obtain information and private data through an email that appears to come from a recognized entity. Smishing has the same basis, but is sent through a text message or SMS.
In accordance with , smishing is an emerging and growing threat as more companies use SMS as a means of direct and rapid communication with users, a form of fraud that has more alerted users who tend to trust text messages much more than emails.
What you can do to keep your data safe
MRW advises not to open email or SMS messages that are identified as being from the company if any of the following situations occur:
- If you have received an email or SMS without a tracking number and you do not use MRW services.
- The email has an attached file and there is no evidence that you are using the MRW services.
- The email indicates that an attached file must be opened to obtain the tracking number.
- In the SMS or email, the links on which you are requested to click do not correspond to the MRW website.
Also, if you receive a suspicious email or SMS containing a tracking number, the company claims that you can verify if this number is valid by entering it in the box “Tracking number”. If no data is obtained, it is not a valid tracking number and the email has not been sent by MRW.
Incibe has also recommended to avoid being a victim of fraud of this type:
- Do not open links from unknown users or that have not been requested, and delete them directly. In case the message comes from a legitimate entity, it will not contain links or attachments. In no case is it recommended to reply to these messages.
- Although they are messages from known contacts, their veracity must be confirmed by other means before following links or downloading attachments.
- Before making a payment, it must be verified by another means and trustworthy, the entity that requests it, that is, corroborate that it is not a fraud.
Other cases of smishing that have supplanted parcel companies
The MRW case is the most recent and involves some truthful user data, but of course it is not the only one. In recent weeks, smishing cases have multiplied, especially impersonating parcel companies as they can encourage users to track packages through their malicious links.
Among the companies that they have tried to impersonate, several users have notified that they receive an SMS that says “your shipment is on its way” along with the URL that redirects to the download of a malicious app that even has the logo of the courier company.
On the other hand there is which was also supplanted by cybercriminals who send an SMS requesting to make a payment of 2.99 or 1.99 euros to send a pending order, which is also an identifiable smishing not only because the URL is not the official one of the company, but also because spelling or writing mistakes can even be found.
International companies like DHL and FedEx have suffered smishing campaigns in the countryand as in the previous cases, users have reported receiving messages notifying them of the tracking of their package by clicking on a link that download malware onto devices.
Stay informed of the most relevant news on our news channel
Facebook Comments
Disqus