As the new year starts, criminals are clearly continuing to behave like they did throughout 2019.
The following relates to this text message sent by a cyber ambassador on New Year’s Day.
So why is it a scam? Well if you don’t use PayPal it is clear that it is suspicious. Delete it.
Look at the mobile number of the sender, research the number. A handy website is https://scam-numbers.co.uk/
This website will show that the mobile number has been linked to a text purporting to be from PayPal and that it is likely to be a scam.
If you look at the link within the text it is HTTP when I would expect HTTPS. (S for secure)
**WARNING** HTTPS is not a guarantee that a domain name is genuine, you still need to research everything that follows the HTTPS.
For those of you who want to know a little more about how to detect a fake domain name, visit https://centralops.net
This website provides a host of internet tools for an investigator, so enter the suspect link from the text http://ppayp.info into the box where prompted and click go. This will give you a domain record including when the domain name was registered and from where. So in this case, it was created on the 31/12/2019 at 05:46 hours UTC, hours before the text message was sent and received.
This is highly suspicious to me, someone has created a domain name that looks similar to PayPal. The fact that the domain name was registered only hours before the text was sent is also highly suspicious. Once the domain name is registered and live, criminals using a list of stolen/compromised telephone numbers, will send out thousands of scam text messages in the hope that at least a few people click on the link believing it to be from PayPal. Those that do click on the link will end up providing their email address, password, and other private information to the cyber criminals.
DON’T CLICK ON A LINK OR OPEN AN ATTACHMENT UNLESS YOU ARE CONFIDENT THE SENDER IS GENUINE.
If in doubt, verify the sender and content of the message by using an independent trusted form of communication, never reply to the sender of the text, email or instant message.
If you are confident, send the link to Action Fraud (https.actionfraud.police.uk) or just delete, delete delete.