Smishing Attempt - Real Example

This is a real example of a recent smishing text message sent to Detective Superintendent Neil Jones’ personal phone on the 30th of May at 8.12 pm.

Smishing attempts are a common method of attack, with cyber attackers often posing as well-known organisations. In this case, the fraudsters pretend to be PayPal, claiming there is an issue with an existing account. Note the sense of urgency in the message; this is a common tactic and is used in extortion attempts.

If you receive a text message asking you to click, you must stop and check the URL before you click or give away any sensitive data. As you can see in this attempt, the second part of the URL is caseid4359.com, which is very unusual for a company like PayPal. Some attempts are more convincing than others though, like subtle changes to a URL to make it look authentic such as pay.pal.com.

The Cyber Resilience Centre always recommends researching the full URL using https://who.is. This website will verify when the domain was registered and who it belongs to. You can also contact the account provider directly to check whether the message or email is real.

In this case, the WHO.IS search on caseid4359.com shows it was created at 5.21 pm on Saturday, 30th May, just 3 hours before the smishing text was sent? Therefore, the domain was likely registered specifically for the smishing campaign. The registrar's details suggest the fraudsters are located in the Netherlands.