Sarah Tew/CNET
Received a shady text message that looks like it’s from your own number? You’re not alone. Many Verizon customers reported receiving similar messages this week, encouraging them to click an obscure link for a gift. The carrier says it is working with police to stop these messages.
“Verizon is aware that attackers are sending spam text messages to some customers that appear to be from the customer’s own number,” a Verizon representative said in an emailed statement. “Our team is actively working to block these messages and we have been working with US law enforcement to identify and stop the source of this fraudulent activity.”
A relative of a CNET team member received a text that matched the description of similar messages received and called by other Verizon customers social media and news reports. “Free Message: Your bill is paid for March,” the message read. “Thanks, here’s a little present for you.” The message contained a cryptic link that made it impossible to know what it was about.
This spam text message was received from a CNET team member’s relative. The message looked like it came from the person’s own phone number.
Chris Paukert/CNET
In some instances, the links in these posts lead to an invitation to participate in a Verizon customer survey. “Dear Verizon customer, we want to personally thank you for always paying your Verizon bills on time by giving you a free Apple Watch Series7!” the message says. “All we ask is that you answer a few quick questions about your recent experience with Verizon’s services.” The message ends with a link to take the survey and encourages the recipient to take it as soon as possible , as “this exciting offer is only available today”.
The surge in spam messages cell phone users are receiving comes after the US government doubled down on its fight against automated calling. Last year, the US Federal Communications Commission ordered phone and cable companies to implement a technology called Stir/Shaken, designed to stem the tide of spam calls by requiring voice providers to verify where calls are coming from. However, the move has prompted criminals to explore other avenues to continue trying to scam cellphone users.
“Stir/Shaken closed a path,” Clayton LiaBraaten, senior advisory board member at Truecaller, which makes a spam-blocking and caller ID app, told CNET in December. “But it makes already very skilled criminals even more sophisticated and sinister in their scams.”
A Verizon customer who received a spam message almost identical to that of the CNET employee’s relative wrote about it on the Verizon Community blog in December, wondering if the message and link were a kind of phishing attempt. “We cannot confirm this is a valid link,” a Verizon customer support rep said in a reply to the post. “We recommend not pressing it.”
Spam texts like this are one of many forms of phishing in which hackers exploit human error to gain access to sensitive information, typically by exploiting gaps in a victim’s technical understanding. Instead of a brute force attack, the cybercriminal poses as a legitimate organization or a familiar face – in this case, SMS from a victim’s own phone number – and issues a call-to-action that sounds either funny or urgent (which does little for the victims Time makes you think twice). Hackers can use a technique called “spoofing” to disguise their identity by intentionally forging the information submitted to your caller ID display.
After being lured into a false sense of security and taking the bait, the phisher intercepts your sensitive information. Phishing attempts are not just limited to cell phones. They can also be disguised as quizzes or questionnaires on social media, with questions designed to trick you into revealing information that could be used to verify your accounts.
If you receive a mysterious text message asking you to click a link, verify the origin of the message before taking any further action, even if the contact appears legitimate — including your own phone number.
Get the CNET Mobile newsletter
Find the best phones, apps and accessories with our CNET Mobile newsletter. Delivered on Tuesdays and Thursdays.