Criminals now include the recipient’s name in phishing SMS messages. Numerous data leaks have made it possible to link the names of the targets with their telephone numbers.
A well-known scam has been exposed by the scammers. Several people reported, at the beginning of October 2024, having received a new phishing SMS on social networks as well as on the signal-scams.com website. The criminals use a well-known narrative: the undelivered package. The hackers claim that the order did not arrive because the box did not fit in the mailbox.
However, cybercriminals are innovating this time, by adding the recipient’s name in the SMS to personalize their trap. A link is embedded in the message to “ set a new appointment ».
The site in question was created by the criminals on October 3, and it has already been deactivated by Google. Generally, these “clone pages” copy the official La Poste platform and invite you to pay a few cents for the service fee. Obviously, this is just a trap to steal credit card data, to then resell or reuse it.
How scammers add your name to phishing text messages
Data leaks have continued every week since the start of the school year. Boulanger, Cultura, SFR and Meilleurtaux.com: several massive databases have ended up on cybercriminal forums and have already been shared several times.
These files are therefore a treasure for everyday hackers, who can simply launch programs to automate the sending of SMS to leaked numbers, with the names that correspond in the lines of the stolen files. These manipulations are not very complex and have been simplified with the democratization of cybercrime.
« Criminals can cross-reference all the files collected to match the name, first name, telephone number, or even other information. If only the Meilleurtaux.com leak, the leaks go well beyond simple identification information. We must be extra vigilant and above all activate multi-factor authentication as soon as possible. » recommends Benoit Grunemwald, cybersecurity expert at ESET.
To distinguish an SMS sent by hackers from a legitimate message, here are some tips
- Take a good look at the recipient. La Poste, Colissimo or Mondial Relay will not send messages with a number starting with 06, 07 or 09.
- Do not click on any link if it seems suspicious to you.
- Go directly to the delivery service’s website with your package number to check if it has any transport problems. It will always be safer.
- You can contact the companies involved directly if you have any doubts.
The key is to remain cautious and avoid acting in haste, even if you are in a hurry to receive your package.
Source: www.numerama.com
