Cybercriminals are trying to dupe netizens using an SMS scam where they pose as fake Apple chatbot, according to cybersecurity firm Sophos.
Sophos, in a recent blog post, detailed the SMS scam where users may receive a message from attackers posing as an Apple chatbot. They will receive a message addressed to a ‘Christopher’ stating that Christopher has been chosen to take part in an iPhone 12 trial.
“The scam first shows you some cheery messages from a fake Apple chatbot to tell you why you – actually, to tell you why Christopher – had enough luck to be chosen to take part in an iPhone 12 trial, and then it invites you – actually, it invites Christopher – to join in,” Sophos explained in the blog post.
The address mentioned in the message, along with a URL for the stated iPhone trial registration, seem genuine at first as per the report.
“But the blue characters are simply the clickable text of the link, not the URL that is the destination of the link,” Sophos wrote.
“At this point, you’re no longer in the SMS messaging app, but have clicked through into your browser, so you can see where the fake link leads if you hover your mouse over it,” it added.
Users who may be curious may clock on the link, which will lead them to the web browser. Here, the website will ask them to enter their full name and address.
“In case you’re wondering, the name-and-address answers above in part 3/5 don’t matter a jot. We tried clicking numerous different combinations and, unsurprisingly, the crooks let us through anyway. The questions are there just to provide a plausible connection back to the SMS that was meant for “Christopher”, but that reached you instead. It’s as though the criminals are trying to “authenticate” themselves to you, rather than the other way around,” Sophos said.
Also read ‘Work from home’ online fraud most prevalent in India
Credit card payment
From there, the site asks users to enter their payment details so that the company can charge them between £1- £2 courier fee for the “free phone.”
“Then you end up on a credit card payment form that’s hosted on what looks like a “special offers” website with a a believable enough name, and with an HTTPS security padlock if you take the time to look,” it said.
When a user enters these details, hackers can then get hold of a user’s information, including their full card number and security code.
Attackers also often shorten the URL to make it more believable. Sophos suggested users look out for visual blunders and grammatical errors to identify such scams. It also asked users to not click on suspicious links and to use web filters, including a Virtual Private Network (VPN) for better security.