In another fake bank SMS scam attempt, criminals send class 0 messages to get users’ attention
It’s no surprise that criminals try to scam people to steal confidential information or money — with technology, this has become even more frequent. Recently, the Kaspersky warned of a new coup attempt by fake bank SMS in Brazil, which applies the so-called phishing, social engineering technique applied to induce people to share private information.
Yes, criminals are again resorting to simple and popular SMS (in addition to internet scams), the same used by many companies to send advertisements and spam daily. However, so that the message does not go unnoticed by the user and get lost in the inbox, it is sent in the format of SMS class 0.
What is SMS Class 0
Unlike messages classified as class 1, SMS class 0, also called Flash SMS, is a message format that appears suddenly, taking up the entire smartphone screen. And that happens regardless of cell phone model, operator, or operating system.
In these cases, the SMS does not go to the inbox, nor is it saved on the chip or on the device itself. Per appear full screen reading it is mandatory. Thus, the SMS class 0 it has a higher priority than the other messages received by the device, and is generally used by authorities in emergency cases, such as storms or fires, among other types of risk to the population. However, some operators also use this format to send important announcements — and it is also used in advertising messages from companies.
How does this scam work
As you can see, once you receive the SMS class 0 it is not possible to ignore it. So how does this scam work?
This is where the issue of social engineering comes in, misleading people through false information. According to a statement, Kaspersky explains that the scam is applied by sending a fake bank SMS (unspecified) to the institution’s users warning about a bank account blocking.
In this case, the message comes with a link that would likely redirect people to the malicious page so the criminals would then steal the data, but it seems that this SMS scam is still being developed — that’s because the users who received the SMS class 0 could not access the link sent along with the message.
However, it is possible that in the future a new fake bank SMS will be sent in an improved and final format, which will allow the theft of people’s data and information. That’s why it’s important to know how to prevent yourself. Another SMS scam attempt previously identified by Kaspersky in Brazil was the change of spelling of messages in an attempt to bypass the filters used by operators and deliver messages to users, replacing spaces with special characters.
how to protect yourself
For users of iPhone, there is good news: the iOS 15, released in early July, came with a class 0 SMS spam filter to protect users from this type of scam and improve the usability of the devices.
However, for people who use other operating systems or who have the iPhone but want an extra layer of protection, there are some recommendations that can be followed to lessen the likelihood of falling for an SMS scam.
First, when receiving any message, contact your bank’s official communication channels to confirm the sending and the veracity of the information received. Second, never click on links that direct you to suspicious addresses and never enter your personal information or make payments on pages that don’t look secure. Just in case, if you receive a message with a link that directs you to a website, prefer to access the portal directly from your browser — this way, you will certainly be safer.
Phishing attacks usually try to replicate the official channels of institutions, but there will always be some distortion, whether in the email address, the website’s URL, the number, among other possibilities — that’s because the real ones are already being used. Therefore, be aware and always check to see if they actually correspond to the real ones – you can check on the official pages which forms of communication are used by the institution, which emails are used to send notices, if they send messages to cell phones or no, among other information. If in doubt, go back to step one and contact the bank to confirm the veracity of the statement.
Also, use security software and keep it up to date to ensure your safety. There are several options available for varying prices that will save you a lot of headaches.
Now that you know how to identify and protect yourself from a fake bank SMS scam attempt, take the time to understand the steps you can take to avoid falling victim to a ransomware attack. If you think that criminals only target companies or institutions, you are wrong: Rafael Pereira, a 34-year-old illustrator, was attacked and had all his files encrypted, and Showmetech tells the story in a special story.