An improvised SMS phishing scam is luring people with easy money for doing “simple and easy work” online.

The latest cybercriminal stunt circulating around the internet now involves people posing as job agents from a popular e-commerce platform such as Lazada to recruit people to earn quick cash by performing online tasks.

With some people hungry for part time work or any form of side income, this ruse does attract attention. What is more, the scammers make the entire scheme believable by actually sending commissions to their victims for the first two tasks.

However, from the third and subsequent tasks onwards, the scammers will begin to make excuses to delay payments, and finally become completely unreachable, together with the monies of their scammed victims.

According to Dr Sharat Sinha, Vice President & Head of Asia-Pacific & Japan, Check Point Software Technologies, cybercriminals are leveraging people’s increased interest in work-from-home opportunities during the pandemic.

“SMS phishing generally involves a text message with a single link to a fake account login page. In addition, new SMS phishing tactics use a text message with a link that when accessed downloads zero-day malware into the device. This scam targets consumers and enterprises alike and actors are introducing new techniques to increase its effectiveness. These attacks are used to steal users’ credentials and data to access corporate networks and applications.” 

The firm reminds mobile users to exercise caution when receiving such messages whether via SMS or other messaging platforms. 

  • Do not click on any of the links in any SMS as it may result in credential-stealing malware being downloaded into your mobile phone. 
  • Such links may also lead you to a website that requests for data from you. Do not share any confidential information this way! 
  • Always ensure your mobile phone is protected with a mobile security solution.