Media in the New Millennium

Observations on social media — and the occasional rant — from Metzger Associates' New Media Practice Group

Media in the New Millennium header image 2

Very Clever Mobile Phishing Scheme

August 18th, 2009 · No Comments

posted by Doyle

My daughter received a text on her cell phone (T-Mobile is our carrier, but to be clear, not responsible for this) telling her that T-Mobile was concerned about repeated attempts to access her account from an IP address in India. Wow, way to play on some fears. My daughter is in high school — translation, I pay for my daughter’s cell phone — so she forwarded the message to me.

It seemed irregular, but I wanted to check. First I called T-Mobile, and they assured me it was not a message from them. (Their only fail here is a complete lack of concern that a phishing scheme was using their name.) I couldn’t resist, so I called the number, and got a robotic voice announcing that I had reached the “security center” (how official!) and repeating that my “account may have been compromised.” It then immediately asked for me to enter my 16-digit credit card number for verification.

Um, I don’t think so. But I was curious, so I entered 16 bogus digits.

Thank you! The voice asked me for the expiration date. More bogus digits.

Now, the three-digit code on the back of the card. More fakes. Just to keep me honest, I guess, this time a different voice told me I made an invalid entry (hey, that’s not my first, pal!). So I punched in three more goofy numbers, and they went right through.

But we’re not done: now they want my PIN code. Sure! “1234.” (No, it’s not.)

The voice then thanked me and told me that a security representative would contact me within five business days. That’s going to be a good trick, since they don’t have any contact information whatsoever.

Much like my post on Craigslist scammers, I’m writing this to hopefully alert others of this issue. Sadly, unlike my good friend Ro Ju in my last post, this is pretty clever and diabolical. Had I even entered a credit card number, I would have caused myself all sorts of problems, but these guys came up with something reasonable compelling with the text (enough to make me check it out) and then quickly asked for all the information they need to wreak havoc.

Pretty sad that the bad guys are using all the communication tools the rest of us are just to be bad guys.

  • Share/Bookmark

Tags: Web/Tech

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

You must log in to post a comment.

google