Blog

New Year, New Job Whatsapp & SMS Scam

January is a time for resolutions, and for some people that means finding a new job. Many international recruitment companies have become familiar brand names. We have seen a significant increase in businesses using A2P SMS messaging to communicate with customers and clients. Unsurprisingly, less authentic job agencies also find SMS a useful way to reach people and as a result job scams are popular in January, our Threat Intelligence Unit reports.

What are job text scams?

SMS text messages are used by scammers as a way retrieve a target’s personal information and get their money under the guise of offering the victim a job.

Job scams are not new, but as per the example we are going to explain below, connecting directly with the recruiter via WhatsApp instead of following a link to a website is a new attempt by the scammers to evade detection and to tailor the scam to the recipient.

WhatsApp scams

A new campaign targeting mobile phone users with a wa.me (“WhatsApp me”) link exploded in the Philippines in November 2021 and has since been observed by AdaptiveMobile Security in Mexico, and in the last few days, the United States.

In the US version, the subscriber receives a message like the following from a US number, but with a link to contact an Indian mobile account:

 

sms job scam example

Clicking the embedded link will open the subscriber’s WhatsApp app and initiate a conversation. Other versions also include telegram chat links. The “job” really can be performed with a mobile phone, but it mostly involves transferring money to the scammer.

Operators who have attempted to mitigate this attack by blocking messages with “wa.me” links have found the scammers react with alternative messages containing URL shorteners that redirect to the WhatsApp link. Wholesale blocking of URL shorteners, whether owned by WhatsApp or others, also interferes with legitimate uses of SMS and is unpopular with subscribers.

A more sophisticated response involving knowledge of both the senders and the content/destinations in use is required in this case.

How can MNOs mitigate SMS job scams?

As spammers are continually evolving their attack methods and seeking to evade SMS Firewall protection, it can be challenging for mobile network operators to sufficiently protect subscribers. We recommend a managed SMS Firewall and Threat Intelligence service to build strong defences against new and evolving mobile network security threats.

AdaptiveMobile Security uses a combination of the threat event visibility provided by our globally deployed award-winning security platform, and our threat response expertise to offer advanced threat detection, maintaining a strong defence against messaging threats.

 

This is the first in our monthly spam blog series. Stay tuned to discover the latest tactics that scammers are using to penetrate mobile networks and defraud users. You may also be interested in reading more about the most common text scams.

Blog_Banner_Future_Securing_SMS_in_5G_Whitepaper

Related insights

Watch Webinar: Boosting A2P SMS Revenues – Using AI to Uncover Hidden Gems

Read more

Tags: A2P Messaging, A2P Revenues

Woman looking at her phone on public transport

Apple Announces Support for RCS. What Happens Next?

Read more

Tags: RCS

Mobile World live webinar: Diary of a CISO

Watch Webinar Recording: Diary of a CISO – Building a Resilient Telecom Organization

Read more

Tags: MNO, Mobile Security

Storm-0539 Cybercrime Gang: Microsoft Alerts Companies of Gift Card Fraud From Moroccan Hackers

Read more

Tags: SMS, SMS scam

Infosecurity Magazine logo

Cyber-criminals Exploit Cloud Storage for SMS Phishing Scams

Read more

Tags: SMS scam