Cyber Security Follow Up: I Got Phished

Posted on Dec 19, 2013 in Cyber Security, San Diego Lawyer | Comments Off on Cyber Security Follow Up: I Got Phished

Less than 24 hours after publishing my last post I (almost) became a victim of phishing myself. What interesting timing! Read on to see how they tried to get to me and what classic phishing signs I recognized. I will not post complete phone numbers below but did receive everything in full 10 digit phone numbers.

Here’s how I got phished. At 6:45pm this evening I received the following text message:

PleaseContact[US-Bank]SecDept@(323)647-25*0

My first thought was “Oh no! Somebody got my credit card information!” My phone had made the phone number, essentially, a clickable link and I was about to tap it to make the call when I stopped for a second and realized this seemed fishy. I started to look for phishing red flags.

1. The text message was written in a strange manner. The combination of symbols and abbreviated words seemed very unprofessional for communication supposedly coming from a bank.

2. The number I was supposed to call was a foreign number to me. I figured that the security department at a major bank would likely have some sort of 800 number rather than the random 323 area code.

3. The text came from 858-47*-2019@vtext.com. Vtext is a service available on the Verizon Wireless website that allows a user to send a free text message to any Verizon Wireless number. A bank would definitely not send a text message about account security via the Verizon Wireless website.

I looked up the actual number for the US Bank Fraud Department. It was, in fact, an 877 phone number, and called to report the scam. They knew about the phishing text message and said that they had been receiving calls about the same message for about two hours. The representative told me that these types of things tend to come in “batches” and that this “batch” of victims was all Verizon wireless phone customers. All of the previous callers were given the same 323 phishing phone number but most of the other callers had received the text message from a 619 phone number @vtext.com. It looks like San Diegans were under attack tonight! The representative said that their fraud department was working to get the 323 phishing phone number shut down.

These criminals were smart. They attacked in the evening, when cell phone users are tired and less alert. They used a big name company and made it easy for recipients to fall into their trap. Had I not looked more closely at the message, I could have quickly tapped the phone number and automatically been connected to the phishing line.

You can never be to careful. Phishers are getting smarter every day. Just remember: “If it seems fishy it’s probably phishing!”

Subscribe to our free Estate Planning Newsletter

Join our mailing list to receive the latest news and updates from our Estate Planning team.