[COMPLETED] šŸ”2nd Scam Spotting Challenge: SMS EditionšŸ”

Firmy
Firmy Posts: 1,905 Community Manager
edited November 13 in Announcements

Weā€™re excited to bring you the 2nd Scam Spotting Challengeā€”and this time, weā€™re shifting our focus to SMS scams šŸ“± Scammers are constantly evolving their techniques, and SMS has become one of their go-to methods to trick people into clicking on malicious links or sharing sensitive information.

Challenge Details:

šŸ“… Open Until: November 13th, 08:30 GMT
šŸ’¬ How to Participate: Examine the attached suspicious SMS sample and share in the comments how you determined it was a scam attempt. Describe in your own words what specific clues tipped you offā€”itā€™s best to rely on your own knowledge rather than AI for an authentic response.

Rewards:

šŸŽ–ļø Exclusive Badges will be awarded to all participants.
šŸ† The participant with the most accurate answer will receive an exclusive prize from F-Secure.

Whether youā€™re a scam-spotting expert or just getting started, this is a great chance to share and grow your skills with the community. Every submission helps others become more aware of SMS scams and how to spot them.

Ready to tackle the challenge? Comment below with your answer and join us in the fight against SMS scams!

Firmy
Community Manager | F-Secure Community
šŸ” Strengthening digital security through knowledge and collaboration
šŸŒ Explore our User Guides | Knowledge Base for self-help resources
šŸ’» Empower yourself with Cybersecurity Insights and protect what matters
šŸ“¢ Help Shape Our New Homepage! Share your input in our design survey.

Comments

  • apassi
    apassi Posts: 9 Explorer

    You should always check the number from which the message was sent. Neither company requests a change of address or information, so even asking for an address should attract attention. Also the link that should be clicked is extremely suspicious.

  • Ukko
    Ukko Posts: 3,768 Superuser

    Well..

    first of all, with SMS things, the main point is whether you are yearning for something or not. Such as, the SMS you receive informs you of something you are waiting for or is completely unrelated to any reason for receiving it. Depending on timing or circumstances, one or another attempt may likely be more successful.

    if I received exactly such SMS, it would be easy for me to determine that it was spam/scam or some kind of fraud. The phone number is not my local one at all (LA?), I don't use the service mentioned, and so on. (in some forms) It might even feel like someone texting me by mistake. No need to pay attention at all and delete it immediately; would not undertake any investigation.

    if someone ask me what I think about this SMS that someone received, the following points will help to sense something phishy:

    ā€” most likely, such services (as FedEx) will not use the phone number as the sender.

    ā€” most likely, it will be easy for the local to spot any grammatical or punctuation inaccuracies or errors.

    ā€” it is best not to touch shorted links and generally suspicious-looking URLs at all. especially if the very essence of the received SMS is unclear.

    So,

    For example, expression "items is temporarily placed" is used here, although it would most likely be more correct "items are temporarily placed". Even the whole sentence is probably quite clumsy.

    However, none of this would always be a direct indicator of phishing, fraud or scam (especially if it is a small company or private owner or something else where there will not be so much attention to formality and accuracy). Maybe the courier took the initiative and decided to inform. and if someone were really expecting from (FedEx in this example), then I would have looked at the given link. Otherwise, trashed.

    Thus after the strange sender, possible grammatical and punctuation problems in the text, the URL used looks even more dubious to me.

    I think it's rare that anyone will use the .info domain for official communications (and with a domain name that has little visual connection with the "sender"). And if (which is often done) a shortened URL is used, then it will be some relatively well-known service.

    If I was itching to get something from FedEx, or if there was any possibility of this, then I would be puzzled and go try to use the available web tools:

    ā€” to check phone number (like, in Google Search query);

    ā€” to check text (as a possibility of massive scam/phishing/fraud campaign; again as a Google Search query);

    ā€” to check URL further (perhaps, VirusTotal or any other ways to check/unroute URL without visiting it);

    note: if there really is some kind of parcel for me (items), I would go to the official FedEx website or some other tracking portal (if used). Or contacted the sending or delivery company directly regarding this to clarify the situation.

    Most likely, the content inside the URL will be a phishing attempt to find out details or request money. There may also be an attempt to install malware and other things.

    so to summarize (from obvious to more detailed):

    ā€” I did not expect anything from LA-based phone number in that way of presentation;

    ā€” I did not expect anything from FedEx;

    ā€” I did not expect a company like FEDEX to use a plain number as the sender;

    ā€” I don't think the text is completely grammatically correct;

    ā€” I don't think the URL looks safe with its domain zone and entire view.

    I most likely won't click / open the URL; but if so - and the resource that opened asks me for my data or asks for money - then this was the last straw.

    // as a bonus, I also then tried to use Fā€‘Secure Text Message Checker; the suggestion is "This message doesnā€™t seem to be safe. Be careful not to open any links. We recommend deleting it."

    // by the way, in February - I received SMS from a local store (household appliances) about order placed (not by me or anything). Then, after some days - that it is completed; Then, a day later - thanking me for the purchase and so on. All stuff in the messages received looks legitimate. I never tried to open the link provided (also looks legit). But make me think that if a website is hacked - it is easy to launch such a campaign with bogus SMS to telling something and trigger the opening of a hacked page with a payload on a trusted domain, from a trusted sender and so on. The only thing that would have helped here is that I didn't place an order. didn't receive it (by mistake), didn't need to try to see what was behind the thanks. But I don't know why anyone needed to use my phone number; or if by mistake, then it's good that the order was received by someone anyway.

    sorry for my kind of "research" around.

  • Candi1
    Candi1 Posts: 69 Active Engager
    edited November 12

    First, I probably haven't ordered something that's being delivered by FEDEX. Also, the link that's there isn't a "FEDEX" link. I would not just click/tap on an unknown link. If for some reason I had ordered something that's supposed to be delivered by FEDEX, I'd go back to my original order & contact the company I ordered from & check how its being delivered & track the delivery. Or contact the original company to have them check if there is a problem with delivery. If it seemed like there might be a problem and they couldn't help, I would contact FEDEX directly by calling them from their main FEDEX phone number. Or wait until the product is supposed to be delivered to see if its delivered or not. Also the phone number from which the "sms" is sent does not look like a business phone number.

  • martink
    martink Posts: 445 Rising Star

    Agree with getting alerted if received a message like that and not having ordered anything.

    Most times the seller or the sellers designated courier provides a link where to follow the travel of the shipment.
    Yes the link is also dubious. Contacting the shipper through their normal web is better.

  • Firmy
    Firmy Posts: 1,905 Community Manager

    Thank you to all who took part in this challenge.

    The winner will receive a notification through a private message, and badges have already been added to your profiles.

    Although this round has ended, keep an eye on our community page for the next challenge. We can't wait to see you again!

    Firmy
    Community Manager | F-Secure Community
    šŸ” Strengthening digital security through knowledge and collaboration
    šŸŒ Explore our User Guides | Knowledge Base for self-help resources
    šŸ’» Empower yourself with Cybersecurity Insights and protect what matters
    šŸ“¢ Help Shape Our New Homepage! Share your input in our design survey.

This discussion has been closed.
Feedback on New Design