Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developersOdd SMS phishing attempt, for NZTA
kingdragonfly

11984 posts

Uber Geek
+1 received by user: 12867

Subscriber

#304301 22-Apr-2023 10:36
Send private message

Question: how is this obvious scam text supposed to work, in other words redirected to a phishing website?

I got this SMS message from an Australian mobile number, +61 413 520 252

NZ Transport Agency Toll Roads NZTA-You have an outstanding fee to be processed as soon as possible within 24 hours. So as not to fine. https://t.ly/NZ.TOLLpay

I went onto "t.ly" website to see if they were like bitly, where you could expand the URL. Of course they didn't, and they only have an email address to report a link, both very suspicious.

The URL was redirected to "https://xinsmturl.top/"

I did a WhoIs on that domain, and it lists the owner as
  • "Nathan Collier" in Victoria Australia.
  • * 新加坡商阿里巴巴电子商务股份有限公司
  • "Singaporean Alibaba E-Commerce Co., Ltd."


Which then redirected to the official NZTA website.

Did the scammer simply screw up the redirections? Was he trying to bounce from "t.ly" to "Alibaba" to a cloned web site?

(sidenote: I reported it to both the NZTA phishing report website and the DIA)

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5 | 6
stick
357 posts

Ultimate Geek
+1 received by user: 113


  #3066851 22-Apr-2023 10:49
Send private message

My Dad got two of these in two days, also a similar link. I just reported them to 7726 :)



freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3066852 22-Apr-2023 10:51
Send private message

It is obvious to you and me but to a few others it may not be. And any credit card number collected is a proft.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

amanzi
Amanzi
1354 posts

Uber Geek
+1 received by user: 331

ID Verified
Trusted
Lifetime subscriber

  #3066855 22-Apr-2023 10:55
Send private message

I just tried it and the phishing site worked as expected and i was not redirected to the NZTA website. It asked me for a registration plate and wanted to charge $2.40 for a rego renewal.



kingdragonfly

11984 posts

Uber Geek
+1 received by user: 12867

Subscriber

  #3066868 22-Apr-2023 11:02
Send private message

Yeah, I got two SMS messages in two days, from two different Australian mobile numbers.

I hadn't heard of scammers using Alibaba to redirect / hide / obfuscate a website.

Certainly doesn't make Chinese e-commerce Alibaba's reputation better.

kingdragonfly

11984 posts

Uber Geek
+1 received by user: 12867

Subscriber

  #3066869 22-Apr-2023 11:04
Send private message

amanzi:

I just tried it and the phishing site worked as expected and i was not redirected to the NZTA website. It asked me for a registration plate and wanted to charge $2.40 for a rego renewal.



I got Adguard running. Maybe that protected me?

amanzi
Amanzi
1354 posts

Uber Geek
+1 received by user: 331

ID Verified
Trusted
Lifetime subscriber

  #3066878 22-Apr-2023 11:15
Send private message

kingdragonfly:
amanzi:

 

I just tried it and the phishing site worked as expected and i was not redirected to the NZTA website. It asked me for a registration plate and wanted to charge $2.40 for a rego renewal.

 



I got Adguard running. Maybe that protected me?

 

I would be very impressed if Adguard detected that it was an NZTA phishing attempt and then redirected you to the legitimate NZTA website. I haven't heard of any security software doing that before.

 

 

 
 
 
 

Shop on-line at New World now for your groceries (affiliate link).
Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #3066882 22-Apr-2023 11:30
Send private message

https://checkshorturl.com

Always better than going to the shorteners site which can be equally as click aware as the dodgyness itself



It's now reporting moved/redirect 301. Likely given the.top abuse is so widespread.

yitz
2238 posts

Uber Geek
+1 received by user: 594


  #3066883 22-Apr-2023 11:35
Send private message

kingdragonfly: I got Adguard running. Maybe that protected me?

 

If you read the script it looks to be targeting mobile browsers only and redirects to the proper site if you are using desktop.

BlakJak
1330 posts

Uber Geek
+1 received by user: 735

Trusted

  #3067026 22-Apr-2023 17:09
Send private message

Not odd. Just clever. And sadly this is likely to catch people who are heavy mobile users (I dunno about you but most of the time this sort of transaction is done on my computer, not my phone).




No signature to see here, move along...

Ruphus
469 posts

Ultimate Geek
+1 received by user: 181


  #3067076 22-Apr-2023 22:00
Send private message

I had three people call me last weekend saying they had received an SMS from my number (+6421xxxxxx) saying the message was from the NZTA. I had to let them know it was a scam and to not respond to the message.

BlakJak
1330 posts

Uber Geek
+1 received by user: 735

Trusted

  #3067080 22-Apr-2023 22:15
Send private message

Each one of those people needs to forward to 7726. I reckon a lot of these scammers go unreported or unnoticed because authorities and carriers are not notified. Especially if the source number was forged.




No signature to see here, move along...

 
 
 
 

Shop now on AliExpress (affiliate link).
Wheelbarrow01
1784 posts

Uber Geek
+1 received by user: 2638

Trusted
Chorus

  #3067139 23-Apr-2023 00:44
Send private message

Here’s the one I received at about 2.30 yesterday morning:

 

[EDIT: apologies for the massive screenshot - I uploaded it to GZ from my phone browser and it's just how it came out]




The views expressed by me are not necessarily those of my employer Chorus NZ Ltd

kingdragonfly

11984 posts

Uber Geek
+1 received by user: 12867

Subscriber

  #3067207 23-Apr-2023 08:42
Send private message

Ruphus: I had three people call me last weekend saying they had received an SMS from my number (+6421xxxxxx) saying the message was from the NZTA. I had to let them know it was a scam and to not respond to the message.


I thought New Zealand carriers already preventing Caller ID Spoofing; Are we really lagging behind the US in government technology? It's not hard; if they haven't they really need to get their sh*t together.

American FCC, Federal Communications Commission, Stop Unwanted Robocalls and Texts

Unwanted calls – including illegal and spoofed robocalls - are the FCC's top consumer complaint and our top consumer protection priority. These include complaints from consumers whose numbers are being spoofed or whose calls are being mistakenly blocked or labeled as a possible scam call by a robocall blocking app or service. The FCC is committed to doing what we can to protect you from these unwelcome situations and is cracking down on illegal calls in a variety of ways:
  • Issuing hundreds of millions of dollars in enforcement actions against illegal robocallers.


  • Empowering phone companies to block by default illegal or unwanted calls based on reasonable call analytics before the calls reach consumers.


  • Allowing consumer options on tools to block calls from any number that doesn't appear on a customer's contact list or other "white list."


  • Requiring phone companies to implement caller ID authentication to help reduce illegal spoofing.
    Making consumer complaint data available to enable better call blocking and labeling solutions.

kingdragonfly

11984 posts

Uber Geek
+1 received by user: 12867

Subscriber

  #3067209 23-Apr-2023 08:46
Send private message

Enterprise Apps Today: American Robocalls Statistics

in the United States, Robocalls that were fraudulent accounted for 34% of all calls in 2020.

More than 56% of senior citizens receive at least seven robocalls per week.

In 2020, 40% of all incoming calls were scams.

Every second, around 2,700 robocalls are placed.

Every phone owner receives an average of 28 robocalls and texts every month.

By the middle of 2021, the average cost of fraudulent robocalls was $1,200.

In November 2021, there were over 7 billion robocalls in the United States.

Due to COVID-19-related robocalls, Americans lost around $13.4 million in May 2020.

89% of senior citizens in the United States have received at most one robocall every week in 2021.

Over 50 million residents Americans lost their money to a scam phone call in 2020.

In 2019, a spam call lasted an average of 45 seconds.

According to Market.us’, the chatbot market size is projected to reach USD 4.3 billion by 2032.

Males are more often victims of fraud than females.

As of July 2021, victims of scam calls suffered an average loss of $502.

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #3067371 23-Apr-2023 14:23
Send private message

I wonder if the reply 1 to activate is utilising the Samsung hack

Have number, can do naughty

https://mashable.com/article/android-phones-exynos-modem-bug

 1 | 2 | 3 | 4 | 5 | 6
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright