Hot Phishing Scams of the Week: AT&T, Walmart, FedEx, COVID-19, Amazon, BMW, and MORE!

This article is from Trend Micro.

Check out the top SMS and email phishing scams of the week! Would you be able to spot the scams?

What is a phishing scam?
Phishing is when scammers impersonate famous brands, companies, and organizations and send out fake text messages and emails containing phishing links. The aim is to entice you into opening the malicious links by using various excuses.

So, where do the phishing links lead to?

1. Fake online survey pages:
In some cases, they lead to online survey pages that state you can claim a gift by completing an online questionnaire. After you fill out the survey, you are prompted to enter personal information such as credit card numbers, before your “gift” can be delivered.

2. Fake login pages:
In other instances, the links lead to fake log-in pages that seem to belong to various brands. These pages require you to submit log-in credentials to view your delivery status, change your settings, or whatever other task the scammers have said that you need to complete.

Scammers can record any sensitive information you enter on these fake pages and use the data to commit cybercrimes. For example, they could hack into your bank account and withdraw your money or steal your identity. Don’t let them!

Hot Phishing Scams of the Week
AT&T SMS phishing scams
AT&T phishing text messages have been circulating for a while, but this week we detected a rise in the number of them, as well as some new versions:

1. Pending refund

Source: Reddit

• Final Reminder: Your ATT refund of $391.03 is still registered in our system as pending. Receive your outstanding balance now

2. Signal issues

• AT&T Free Msg: Appologies for the signal issues on Sept 16, John! Here’s a little reimbursement:

Shipping scams

Posing as delivery companies, scammers have been sending out fake delivery texts, claiming that people have missed the delivery of a package or need to reschedule its delivery. The notifications always contain a phishing link that the scammers want you to click on:

1. Walmart

The latest Walmart shipping text message phishing links lead to a Walmart online survey page:

• Your parcel from USPS was delivered to the parcel shop yesterday on 2021-09-27. View where you can pick it up: <URL>
• 4 Items addressed to you, will be getting there on September 27th. Confirm drop-off instructions, <URL>

2. FedEx

In FedEx shipping scams, the phishing links lead to a fake FedEx login page:

• frm:fedex50850498 msg:921860510courier driver couldn’t deliver your parcel today
• frm:fedex27281974 msg:614813834sorry we’ve missed you! we tried to deliver your parcel today

COVID-19 Relief Scams

We’ve reported on COVID-related scams before, including fake stimulus check scams, bogus job opportunities, and vaccination passport application phishing scams. Recently, a lot of new phishing text messages about COVID-19 relief plans have appeared. In their messages, the scammers try to direct you to fake login pages designed to mimic real government agencies’ websites.

1. American Rescue Plan

2. California EDD

3. Federal Assistance Program

4. COVID-19 vaccine check

Scammers falsely claim that if you’ve taken the vaccine, you can claim a “COVID check” via a phishing link. The value of the check may differ from this example, but no matter what, don’t fall for it!

failed to receive your $322 relief check for taking the vaccine? learn how to claim it today by going here <URL>

Amazon SMS Phishing Scams

Amazon is easily one of the most popular brands for scammers to impersonate. There are always lots of Amazon-related scams going around:

1. Shipping

• Delivery on Amazon: please confirm delivery – before we send you <tdr> the package: <URL>

2. Promotion & discount

• Offers you can’t resist! Open Axis Bank Savings A/C & enjoy flat 10% cashback on Amazon & Flipkart, upto 45% cashback on 30+ brands <URL> TIS
• (LAST CHANCE) One Time Release. First Come First Serve From Amazon Warehouses. Use Code “UNCLAIM” for Surprise Discount: <URL> Reply STOP to opt-out

3. AirPods raffle

• Amazon: Congratulations Julie, you came 1st in today’s Amazon pods raffle! Follow this link to : <URL>

4. Account security alert

• Your Amazon account is trying to log in from an unknown location, please update at <URL>

No matter which tactic they try to dupe you with, you will be taken to a fake Amazon online survey page:

Windfall Email Scams

Got an email that says you’ve won a BMW and you can claim it in exchange for your personal information? Be cautious of these “windfall phishing emails”!

1. BMW

Posing as BMW, scammers tell you that you’ve won a “brand new BMW 7 Series Car.” To get the prize, you are asked to reply with personal information:

2.  Partnership (fake investment opportunity)

Sometimes scammers pretend to have a lucrative investment opportunity. They send you an email, inviting you to “engage in an investment”, and that you’ll be granted 200 million dollars if you send your personal credentials back:

3. DHL Package Phishing

In addition to fake text messages, scammers also love to send fake delivery notifications via email:

If you follow their instructions and click on the attachment, you will be taken to a DHL phishing page and asked to submit personal information:

How to Protect Yourself

• Double-check the sender’s mobile number/email address.
• Free gifts or prizes are always a major red flag.
• Reach out to an organization’s customer service directly for help and support.
• NEVER click links or attachments from unknown sources. Use Trend Micro Check to detect scams with ease!

1. After you’ve pinned the Trend Micro Check browser extension, it will block dangerous sites for you automatically:

2. Send links or screenshots of suspicious text messages to Trend Micro Check on WhatsApp for immediate scam detection.

Download Trend Micro Maximum Security for even greater protection, including Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection. Gain access to the Privacy Scanner for Facebook and Twitter, Social Networking Protection, and Parental Controls, too. Click the button below to give it a try:

Did you successfully spot the scams? Remember, always CHECK before giving out personal information. If you found this article helpful and/or interesting, please SHARE it to help protect your friends and family!