More than 70,000 Android devices have been infected in France from a simple SMS. This new phishing campaign is therefore effective and has managed to play on the gullibility of some consumers. Behind this scam is a group of Chinese hackers who are no doubt aware of the power of phishing. Back to the facts. We’ll tell you everything so you don’t get tricked too.
What is phishing?
It’s a scam that relies on a childishly simple yet devilishly effective system.. Scammers simply pretend to be an official organization. The victims believe they are in the right place and are being guided. At the end they give their personal data. And it’s already too late. This information is in the hands of malicious individuals who sometimes go so far as to drain the victim’s accounts.
Certain official bodies often issue press releases to indicate that they are the target of criminals. This is the case with the coffee shop or the post office, which are often copied so that fraudsters can recover sums of money.
To give you an example of phishing, no doubt you’ve been faced with non-stop calls, emails and/or text messages regarding the CPF. In fact, scammers are indeed going full steam ahead. Their goal is simple, they want to regain access to your account in order to suck up all the dollars on it. To avoid falling into the trap, start with a simple observation that applies to all scams.
SMS: How does the scam work?
” Your package has been sent. Please check and receive it“. This is the message you will receive. Since many people order on the Internet, it is inevitable that Hackers sometimes just fall. If you haven’t ordered anything, you can probably think of a scam. But if you are expecting a package then you can click on the famous URL offered. But this link is caught. And it allows the hacking group to launch multiple data collection campaigns in Europe and in France. When you click on the link, the page actually offers an update of the browser you are using. But it is actually malware that installs it.
This software is aimed exclusively at France, as the site will display an error message if you open it outside of French borders. How does it actually work? It’s easy. Once downloaded, the MoqHao software collects information about the tricked device. This allows him to send booby-trapped text messages from the hacked phone.
“We traced one of the numbers used to send phishing text messages, it was an average person whose phone was hijacked without them realizing.” explains Numerama an engineer.
What to do if you receive a suspicious text message?
When the engineers discovered this well-executed scam, they still don’t know exactly what its purpose is. However, they have their own ideas on this topic: We believe they are financially motivated. The group steals a massive amount of data from individuals, but we don’t yet know the ultimate interest. This can be data resale, a first step before another, more sophisticated step “.
What to do as an average citizen so as not to be fooled? Just follow a very simple rule. Never click on links sent to you via SMS or email. If you are indeed expecting a package, go directly to the carrier’s website to see where it is.
Phishing campaigns are well designed but have flaws. Never, while the package is being sent, a carrier will ask you to provide more information in order to receive the package.
As a general rule, when in doubt, you should visit websites that you think are being copied by scammers on your own. At least don’t let yourself be fooled. You will stay away from malware.