Once the ‘WhatsApp’ of the first mobiles, SMS messages ended up being cornered when phones became smart, and messaging applications began to gain importance. But today they are still widely used for bank statements, for verifications in 2 steps or notices from courier agencies like Seur, precisely the protagonist of this story.
Fake SMS message
The OSI, the Internet User Security Office, reports that a campaign to send fraudulent SMS (smishing) has been detected that impersonates the identity of the SEUR service. The objective is to “redirect the victim to a page that pretends to be the legitimate website of the courier company, which asks the user to make a payment of 1.99 euros for the package’s shipping costs.”
The scam works as follows: a malicious SMS alerts the user that the package is pending delivery and payment of the shipping costs (€ 1.99) must be confirmed. A link is provided for this. We can see that the message is written correctly although punctuation errors are detected.
The requested payment is minimal (€ 1.99), “a fact that possibly makes more victims fall for the deception” as it does not entail a great economic cost for the user. But you have to keep one thing in mind: No company sends payment requests by email, where personal data of its customers are requested. “If you receive a similar email, do not provide any information. If in doubt, contact the service provider directly to ensure the accuracy of the information.”
A Smishing scam to steal your card
By clicking on the link, the user is redirected to a page that tries to imitate the legitimate one, where they are instructed to enter their data and pay € 1.99 to receive the package. It should be noted that the form fields perform actions that attempt to validate the data entered by the user. The objective is to give truth to the web and not to raise suspicions in the victim user.
After pressing the “Confirm” button, the user is redirected to a page that contains a form where the bank card details are requested: holder, card number, expiration date and security code. At this time, it is already suspicious that the price of shipping costs changes and increases to € 2.99, it is not the € 1.99 that they initially indicated.
After clicking on the “Pay” button, the user is redirected to a page with a form where a code is requested that is supposed to arrive by SMS. This strategy is used to give the payment process more credibility and, although the SMS will never receive it, cybercriminals have already fulfilled their objective, which is to get hold of your bank card details.