Here’s A Fido Text Messaging #Scam That’s So Dangerous The CRTC Is Warning You About It
It’s not everyday that I warn you about a scam that the CRTC feels the need to warn you about. But here we are talking about such a scam. Fido which is owned by Rogers is being used in a text messaging scam that for me looked like this:
Now mobile phone carriers will sometimes send you information via text message. And if you’re unsure if the text is real or not, call the carrier or log into your mobile phone carrier account and see if whatever is in the text message is legit by checking your account or asking your customer service rep. But in this case that’s not required as it’s easy to spot that this is a phishing text. If you look at the website that the threat actor wants you to go to, it’s called “fidosolution70.com” which is a play of the original name of Fido before it was bought by Rogers. But the threat actors are hoping that you won’t notice the 70 at the end. Why did that do that? Likely to get the website set up quickly as it would make sure that it was unique and easy to register. Another hint that this is a phishing text is quality of the English, which is not great.
The text claims that you were overcharged and that Fido is trying to refund you. But let’s walk through what’s actually going on.
The first thing that it does is it sends you to a CAPTCHA. And what’s interesting about this is that this website actually grabbed and displayed my IP address. That’s to make you think that this is a legitimate website as opposed to a phishing website.
The next thing that you see is this page asking you to “accept your refund”. If you note, the top right has the letters “FR” which should mean that there is a French version of this page. But clicking on those letters do nothing. You’ll also note that there’s nothing here identifying you. That’s important because you’d think a telco would want to identify who they are giving money to before they hand it over. But that’s not happening here. Which means that’s a phishing website. So what are they after? It all becomes clear on the next page.
Here you get your choice of bank to deposit the refund that you’re getting. And the thing is, the threat actors clearly looked at the websites of all of these banks to make sure that they could replicate the look and feel of each bank’s website. Take this fake CIBC website for example.
I have to admit that the threat actors have done an impressive job of replicating the look and feel of this website. You have to look really closely to spot the differences. The key difference being this one.
You’ll note that you’ve never left the “fidosolution70.com” website if you look at the URL above. That’s important to point out because if this was the real CIBC website, you would have been sent to “https://www.cibc.com/en/personal-banking.html“. But of course the threat actors are hoping that you won’t pay attention to those details and instead type in your banking credentials for them to use to drain your bank account. One thing to note is that the website validates that the card number is valid. So that illustrates that this isn’t the first rodeo for this threat actor. Thus validating that this text message scam is dangerous. Which is why I guess that the CRTC had to put out this warning on Twitter.
ALERT: New phishing scam
📲 Fraudsters posing as Fido are sending text messages with fake New Year’s offers.
Now this warning was put out on January 11th. Today is January 16th and I got this text message late on January 15th. Clearly the threat actors haven’t stopped trying to scam people. That implies to me that either the warning from the CRTC doesn’t deter them, or they are having success with this scam. Perhaps both. Regardless, the fact is that this and other scams are out there and you have to be careful. So if you get a text that’s supposedly from Fido offering you a refund or a great offer, delete it and move on with your day.
This entry was posted on January 16, 2024 at 8:51 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Here’s A Fido Text Messaging #Scam That’s So Dangerous The CRTC Is Warning You About It
It’s not everyday that I warn you about a scam that the CRTC feels the need to warn you about. But here we are talking about such a scam. Fido which is owned by Rogers is being used in a text messaging scam that for me looked like this:
Now mobile phone carriers will sometimes send you information via text message. And if you’re unsure if the text is real or not, call the carrier or log into your mobile phone carrier account and see if whatever is in the text message is legit by checking your account or asking your customer service rep. But in this case that’s not required as it’s easy to spot that this is a phishing text. If you look at the website that the threat actor wants you to go to, it’s called “fidosolution70.com” which is a play of the original name of Fido before it was bought by Rogers. But the threat actors are hoping that you won’t notice the 70 at the end. Why did that do that? Likely to get the website set up quickly as it would make sure that it was unique and easy to register. Another hint that this is a phishing text is quality of the English, which is not great.
The text claims that you were overcharged and that Fido is trying to refund you. But let’s walk through what’s actually going on.
The first thing that it does is it sends you to a CAPTCHA. And what’s interesting about this is that this website actually grabbed and displayed my IP address. That’s to make you think that this is a legitimate website as opposed to a phishing website.
The next thing that you see is this page asking you to “accept your refund”. If you note, the top right has the letters “FR” which should mean that there is a French version of this page. But clicking on those letters do nothing. You’ll also note that there’s nothing here identifying you. That’s important because you’d think a telco would want to identify who they are giving money to before they hand it over. But that’s not happening here. Which means that’s a phishing website. So what are they after? It all becomes clear on the next page.
Here you get your choice of bank to deposit the refund that you’re getting. And the thing is, the threat actors clearly looked at the websites of all of these banks to make sure that they could replicate the look and feel of each bank’s website. Take this fake CIBC website for example.
I have to admit that the threat actors have done an impressive job of replicating the look and feel of this website. You have to look really closely to spot the differences. The key difference being this one.
You’ll note that you’ve never left the “fidosolution70.com” website if you look at the URL above. That’s important to point out because if this was the real CIBC website, you would have been sent to “https://www.cibc.com/en/personal-banking.html“. But of course the threat actors are hoping that you won’t pay attention to those details and instead type in your banking credentials for them to use to drain your bank account. One thing to note is that the website validates that the card number is valid. So that illustrates that this isn’t the first rodeo for this threat actor. Thus validating that this text message scam is dangerous. Which is why I guess that the CRTC had to put out this warning on Twitter.
Now this warning was put out on January 11th. Today is January 16th and I got this text message late on January 15th. Clearly the threat actors haven’t stopped trying to scam people. That implies to me that either the warning from the CRTC doesn’t deter them, or they are having success with this scam. Perhaps both. Regardless, the fact is that this and other scams are out there and you have to be careful. So if you get a text that’s supposedly from Fido offering you a refund or a great offer, delete it and move on with your day.
Share this:
Like this:
Related
This entry was posted on January 16, 2024 at 8:51 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.