Smishing Attempt - Real Example

This is a real example of a recent smishing txt message sent to Detective Superintendent Neil Jones’ personal phone on the 30th May at 8.12pm.

Smishing attempts are a common method of attack, often posing as well-known organisations that the target is likely to have an account with. In this case, the fraudsters pretend to be PayPal, claiming there is an issue with an existing account. Note the sense of urgency in the message, this is a common tactic and was used in a recent extortion attempt which you can view here.

It is important that if you receive a txt message asking you to click, you stop and check the URL before you click or give away any sensitive data. As you can see in this attempt, the second part of the URL is caseid4359.com, which is very unusual for a company like PayPal. Some attempts are more convincing than others though, like subtle changes to a URL to make it look authentic such as pay.pal.com.

The Cyber Resilience Centre always recommends that you research the full URL using https://who.is. This website will verify when the domain was registered and who it belongs too. You can also contact the account provider directly to check whether the message or email is real.   

In this case, the WHO.IS search on caseid4359.com shows it was created at 5.21pm on Saturday 30th May, just 3 hours before the smishing text was sent. Therefore, the domain was likely registered specifically for the smishing campaign. The registrar details suggest the fraudsters are located in the Netherlands.

For more information and advice on phishing and smishing, visit the National Cyber Security Centre’s website here.

crc