Don’t Fall For This Interac Scam That Is Delivered By Text Message

Last night I got a text message that got my attention. I snagged a screenshot of it for your viewing pleasure:

IMG_1412

At first glance it looks like an Interac e-Transfer. And it comes from a Ontario area code to make it look legit. Except that when you look closer, specifically under the words “Deposit your INTERAC e-Transfer” you see a domain called frontsolut-1.com. That’s important because Interac has never used that domain. Besides, I am pretty sure that Interac doesn’t use GoDaddy to register their domains. Because when I ran the domain in question through the Whois database on GoDaddy, I found this:

Domain Name: FRONTSOLUT-1.COM
Registry Domain ID: 2247282825_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2018-04-03T01:30:36Z
Creation Date: 2018-04-03T01:30:36Z
Registrar Registration Expiration Date: 2019-04-03T01:30:36Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: REDACTED 
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: 
Registrant Name: Dean Ataman
Registrant Organization: 
Registrant Street: REDACTED
Registrant City: Belle River
Registrant State/Province: Ontario
Registrant Postal Code: REDACTED
Registrant Country: CA
Registrant Phone: REDACTED
Registrant Phone Ext:
Registrant Fax: 
Registrant Fax Ext:
Registrant Email: REDACTED
Registry Admin ID: 
Admin Name: Dean Ataman
Admin Organization: 
Admin Street: REDACTED
Admin City: Belle River
Admin State/Province: Ontario
Admin Postal Code:REDACTED
Admin Country: CA
Admin Phone: REDACTED
Admin Phone Ext:
Admin Fax: 
Admin Fax Ext:
Admin Email: REDACTED
Registry Tech ID: 
Tech Name: Dean Ataman
Tech Organization: 
Tech Street: REDACTED
Tech City: Belle River
Tech State/Province: Ontario
Tech Postal Code: REDACTED
Tech Country: CA
Tech Phone: REDACTED
Tech Phone Ext:
Tech Fax: 
Tech Fax Ext:
Tech Email: REDACTED
Name Server: NS47.DOMAINCONTROL.COM
Name Server: NS48.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2018-04-03T12:00:00Z <<< 

Seeing as Interac is not located in Belle River Ontario, this is clearly fake. Thus validating that this is a scam. Even though I redacted some potentially personal information, that info is likely fake as well. Having said that, if Interac or law enforcement are interested in what I found, feel free to contact me and I’ll hook you up.

I decided to dig in a bit deeper to find out what this scammer was up to. So I copied the link to my test iPhone and clicked on it. I got this:

IMG_1413

Oooooo. It looks like I am going to get some money. Well, actually no. If you look at the URL in the browser, it’s the same frontsolut-1.com address that I mentioned above. Clearly what this scam is counting on is that you won’t notice that. In the interest of science, I chose my financial institution and got this:

IMG_1414

Now that’s a very good copy of the Canadian Imperial Bank Of Commerce website. To illustrate that, here’s the real Canadian Imperial Bank Of Commerce website:

IMG_1415

It’s pretty close except that the domain frontsolut-1.com is still present. Again, the scammers are hoping that you won’t notice.

At this point it’s pretty clear what this is all about. This is an attempt to get your username and password to your online banking account so that the scammers can drain it dry. I have to admit that this is pretty crafty as if you’re not paying attention to things like the domain that is in use, you might fall for it. Thus my advice is to pay attention to any Interac e-Transfer that you get. Look for weird looking URLs and anything that doesn’t seem “normal.” If you receive a notification for an Interac e-Transfer that you weren’t expecting, contact the sender through a different communication channel to verify. If the notification comes from someone you don’t know, or you suspect it may be fraudulent, do not respond or click any links. Forward the email or take screenshots and forward those to phishing@interac.ca.

In the meantime, I am reaching out to Interac with all the info that I complied on this scam so that they can hopefully put an end to it. Or at least put it on their radar.

Advertisements

One Response to “Don’t Fall For This Interac Scam That Is Delivered By Text Message”

  1. Natural Skin Care

    Don

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: