Emails including missed voicemail messages from mobile/TV providers have become a trend relative to a phishing tactic.
A couple of weeks ago, scammers used Verizon, the US-based provider to commit their shady acts. Now, they flew all the way to the UK, using BT to lure more victims.
Now the question is: How are the scammers pulling this off? What does the email look like and how can you protect yourself? Here’s everything you need to know.
A New Phish in the Sea – Missed Voice Message
Back in 2020, studies showed that at least 1 in every 4,200 emails was a phishing email. Apparently, in 2021, it has become a trend.
Using popular providers and creating legit emails (look-alikes) to trick victims into submitting their personal information has become popular.
Scammers are using the “You have a voice mail” technique to attract your attention, followed by a link to a website that may look like it’s a legitimate source.
Once you click on the Play button, you’ll be redirected to a website that isn’t in any way associated with the actual provider.
BT, the British giant, is now the provider used in the scam. Users are receiving emails stating that they have “Missed Voice Calls.”
If you take a closer look, you’ll notice that the Logo is completely legit. Scammers have been finding ways to successfully replicate official Logos, which makes their job even easier.
Now, once you click on “Play Voice Message,” the link will redirect you to a BT sign-in page (look-alike) with a spoofed BT logo, and a reminder of the missed messages.
If you look closely, that’s not the BT website. Once you enter your credentials, the scammers will be able to harvest all your information.
To further legitimize their scam, the attackers will redirect you to the official BT Page once credentials are entered and data is stolen. Talk about boosting perceptions of “legitimacy.”
Gain Knowledge – Avoid Phishing
Phishing attacks are common practices nowadays, and you’ll have to do whatever it takes to avoid being a target.
The best way to protect yourself is to have the proper knowledge about what these attacks are and how to shield yourself. Here’s what you need to do:
- Never click on a link sent to you by email. You can visit the source’s official website.
- Don’t submit your credentials if you’re not sure about the source.
- Use a VPN for extra security and anonymity.
- Never trust a website that begins with “HTTP.”
- Carefully check for spelling mistakes. Fake websites tend to have a habit of misspelling a lot of words.
There you have it. These are the basic steps you should take in order to protect your sensitive information from these attacks.
You’ve Been BT-ed – Final Thoughts
Such phishing tactics are on the rise thanks to their high success rate. Every region has a certain provider, and scammers residing there have the means to trick the intended targets.
All you have to do is make sure that the email you’re receiving is legit. Don’t click on any link provided, unless you’re 100% sure it’s your actual provider.
Even if it is, we highly recommend you visit the provider’s website manually. Don’t click on any link (AT ALL).