Payment App Users Targeted in Phishing and Social Engineering Campaigns, FBI Warns

Malicious actors are trying to deceive individuals living in the US using digital payment apps into making instant transfers of money in social engineering operations involving text messages that contain bogus bank fraud notifications, the FBI says.

How Does the Scam Work?

As per the warning issued yesterday by the Federal Bureau, once the targets answer the message, the attackers then call from a number that seems to match the financial institution’s genuine 1-800 support number.

Under the pretext of reversing the fake money transfer, victims are swindled into sending payment to bank accounts under the control of the cyber actors.

Source

The phony fraud alerts mention the payment amount and bank names and instruct the recipients to confirm if they attempted to make large-scale instant payments.

According to the FBI, the payment amount and financial institution name vary from victim to victim. If customers reply to the phishing message with “No,” a follow-up message is sent:

Our fraud specialist will be contacting you shortly.

Source

The attackers, who usually speak English without an accent, then contact the victim using a phone number that appears to be the bank’s authentic 1-800 support number, claiming to be from the fraud department.

Read More: https://heimdalsecurity.com/blog/payment-app-users-targeted-in-phishing-and-social-engineering-campaigns-fbi-warns/