Fraudsters spam out scams via SMS text messages

Filed Under: Mobile, Spam

Have you received an SMS message, seemingly from Apple, on your mobile phone telling you that you have won a prize in a contest?

SophosLabs researcher Onur Komili told Naked Security that he was browsing his Facebook newsfeed this weekend, when he saw a friend - let's call him Freddie - post a screenshot of the text message.

Seven of Freddie's friends in the Vancouver region also reported that they had received the exact same text message. A quick search on the net found a number of people had received the same spammed-out SMS message.

Things really piqued Onur's interest, however, when he himself then received it on his iPhone!

SMS scam message

Congratulations, Your entry into our contest last month made you a WINNER! Goto [LINK] to claim your prize! You have 24 hours to claim

Although the phone number it was apparently sent from was different from the one that his friend had received, Onur recognised the same dodgy link.

Because, of course, that's not a link that is going to take you to Apple's website at apple.com, but to a website called textwon.com instead.

Textwon's WHOIS information reveals that it is a brand new domain, registered on May 4th 2012. The actual contact information for who registered the domain is hidden behind by a domain privacy service, but the A-Record IP address of the domain is linked with others that are known to have hosted malware, scams, adware and fake anti-virus in the past.

In short, this is clearly a link that should be avoided.

If you did make the mistake of clicking on the link, you can find yourself redirected to a number of different websites depending on where in the world you are based - including the perennial "Win a free iPad by filling in this survey" scams.

Frequently such scams will dupe you into believing you have won a prize, and ask you to enter your cellphone number. If you're not careful and don't read the small print, you will find that you have accidentally authorised a premium rate service to sign you up as a subscriber - adding dollars each week to your phone bill.

Always take care about clicking on links sent to you out of the blue, even if they arrive on your mobile phone.

, , , ,

You might like

49 Responses to Fraudsters spam out scams via SMS text messages

  1. svcghost · 709 days ago

    ah the classic .com subdomain

  2. TrishZwei · 709 days ago

    got one of those this morning, though this one comes from welovetablets.net - it says to opt out goto celloptout.com. Yeah.... like I'm gonna do either.

  3. Nancy Bell · 709 days ago

    Received this the other day on mine. I just deleted it - I never, never follow thru on those types of emails. Have received them from "Walmart" and others, but can't remember who all. I'll repost your news on my FB status page to let others know it's Spam,

    Nancy Bell

  4. Lisa · 709 days ago

    Shocker... not. Simple idea: if you didn't actually enter a contest, you didn't win it!

  5. Mikelis · 709 days ago

    On most browsers, you can see the actual URL of a link by hovering the cursor over the link. I don't have an iPhone, but is something similar available on mobile devices? It would make sense to mandate this information by default, since there is nothing in HTML that requires an anchor and its href to match.

    • Chaos Theory · 709 days ago

      I am afraid there is a way to get "trapped" even by mouse-over the link. It's not hard so don't be ensured that this is a solution. Just saying.

  6. Freddie's friend · 709 days ago

    I think I know this Freddie guy!!

  7. Sherry · 709 days ago

    I have had subscriptions, like you speak of, added to my acct WITHOUT authorization. Simply receiving the text was enough. I contacted my provider and arranged to have restrictions put on all the phones on my acct so that no subscriptions or purchases could be made and added to my bill. It's intended to prevent a child from making outlandish purchases but works well in this instance. It doesn't stop me from making any iTunes or App Store purchases, only those that would be added to my bill. I highly recommend everyone do this. Or check your bill closely every month.

  8. david · 709 days ago

    registered the domain is hidden behind by a domain privacy service, but the A-Record IP address of the domain is linked with others that are known to have hosted malware, scams, adware and fake anti-virus in the past........

    Its about time that firms, that host or sell these domain names are fined when spammers are found to be using their services

  9. richard · 709 days ago

    So ... "If you're not careful and don't read the small print, you will find that you have accidentally authorised a premium rate service to sign you up as a subscriber - adding dollars each week to your phone bill."

    Why can't they now arrest and shut down the people behind this premium rate service?

  10. Crystal Staddon · 709 days ago

    Omg I had filled in a application to win a iPad and other stuff how do I no if it is a scam and what do I do

  11. Pat. K. · 708 days ago

    Really, I cannot understand why people still get suckered in by this type of attack? How hard is it to realize it's an unsolicited email/text/sms/etc., so just delete it? Take the one above, "your entry in our contest last month made you a winner", uh, I think I'd know if I entered a contest. And yet, there are people out there that despite the random email for a contest they didn't enter STILL CLICK THE LINK?!? All I can ask is, WTF Dude, WTF? A friend of mine coined the term for this kind of thing as "uncommon sense", I think it fits.

    • Mel · 279 days ago

      I just about got suckered as my message was from a person to add a msg tool called TextMe from a name I actually know. But the number of the sending text was wrong so I started checking. Plus I hate adding apps...

    • I received one that used the short code "27367" saying "You are one lucky customer getting a 25% discount on your next months bill, please visit..." (and it gave a website). I've never encountered anyone but AT & T that used short code directly to my text messaging account, so I clicked the link, it looked like the AT & T website. I chatted with AT & T and they stated that they hadn't sent any text messages to me recently. Never-the-less I had already clicked n the link. It's not that hard to be fooled Like I said, I never heard of text messaging spam before, especially one's that disguise themselves as at & t

  12. Shibli · 706 days ago

    hi guys - just got the spam SMS message and now i've seen it originating from 3 domains. the one you advised above, and the following: http://www.apple.com.wonacontest.com http://www.samsung.com.wonacontest.com (this one advises to email the samsung CFO at smasungCFOatSamsung@hotmail.com (or gmail).

  13. AussieDave · 691 days ago

    i received a sms from 19177563664 stating virtually the same content as previous posts. link sent was. http://www.apple.com.au.wonacontest.com.

  14. I just got the same dodgy sms with the dodgy URL hSNIPp://www.apple.com.au.wonacontest.com the SMS was from +1 (718) 6859742

    Have reported it to ACMA and tweeted it too....

  15. Ravi Shanghavi · 684 days ago

    just got a scam message in Canada from a +12127291744 number. idiots. supposedly from bestbuy.ca.wonacontest.com

  16. BrissyGirl · 633 days ago

    Just got a scam message in Australia supposedly from Apple telling me to go to [REDACTED] to claim my prize by going to last page and enter a 4 digit code to claim.

  17. d wilson · 628 days ago

    ugh now australia is copping it..i got one twice in one day..telling me to go to the australian apple website and put in a 4 digit code...no thanx even if it is real unless it a free i-phone or an apple computer i dont want it tyvm

  18. silly me · 628 days ago

    ok, so I am in australia, and yes I am stupid (not usually) but I replied.
    So what do I do?
    I have contacted my phone provider but am unable to know if direct debits are occurring.
    What do I do?

  19. I got one of these yesterday. The domain is now not "won.com" but "qhknb.com".

  20. James · 627 days ago

    yup, im from Aus and just receive one too.

    Message below...

    "The Entry You Made Has Won! Goto http://www.apple.com.au.cvtya.com/?=MYNUMBER&quot... To claim the prize. You have 24hours to claim.
    Replay STOP to Optout.
    201216

  21. lis · 626 days ago

    Is it safe to send STOP to optout? Or will that just allow them more access? I get the txt at least once a week

  22. Gus · 626 days ago

    Is it safe to send STOP to the opt out number? I'm worried if I do it then they might charge my mobile bill

    • s6677 · 584 days ago

      Rogers is telling me to send STOP. I also doubt it will do anything good... but I'm fed up to receive these #$%@ text!!

  23. neville marsden · 625 days ago

    received message same as james 31-7-2012

  24. Rebecca · 624 days ago

    Received a similar message also. Knew it was a scam straight off but out of curiosity I clicked on the link (in hindsight bad idea). As soon as I saw I was being redirected I exited immediately and didn't wait to see what site came up. Can this cause any harm?

  25. Cheryl · 618 days ago

    I received an SMS today. A few minutes ago in fact. The details are:

    from: 1-307-223-6721 (Wyoming area code)
    message: Congratulations, your today's Apple winner! Go to [REDACTED] and on last page enter code: 2916 to claim your Free Apple Product.

    The grammatical errors alone stopped me from going further, except to post on this site.

  26. dAbEaR · 616 days ago

    I received one last night.

    From: 202-664-7420
    message: Congratulations, your number has made you Apple's Winner! Go to http://apple_ca_wstw_cc and enter code: 5417 to claim your Free Apple Product!

    Slightly different than others but the same bullshi@ scam.

  27. yelloducky · 615 days ago

    I just received the same as dAbEaR, DELETE!!! thanks for posting all the info!

  28. Kim · 612 days ago

    I received an SMS Aug 13/12 from (310) 467-3470:

    Congratulations, your number has made you Apple's Winner! Go to [Web page URL] and enter code 3799 to claim your Free Apple Product!

    Will be deleting! Thanks for the info :)

  29. Mike · 608 days ago

    I got two of these today in 6 hours. I'm concerned I'm being charged for receiving the text messages. :-/

  30. Nathalie · 603 days ago

    I received a similar message, but "apple.ca". How do they get our phone numbers? I never give it out...

  31. davisbr · 602 days ago

    Washington state. Received text message also this date ...so it's still going on. Didn't bother to do anything other than immediately delete it (I don't believe in the tooth fairy or the Easter bunny or free lunch or money growing on trees either, so why should I believe that because my phone number is **special** I "won" a contest I didn't enter LOL ...what stupid dickweeds). I did google the phrase (out of curiousity), and ended up here. Thanks for the public service.

  32. Power to the people · 602 days ago

    Yes Rogers charges me for this crap and I argue it's not mine, Rogers says take it up with them, I try but only have cancel option not complaint access, back to Rogers they refuse to remove charges. I complain to better business bureaux (BBB) Rogers refunds part of third party, BBB asks if I was satisfied with Rogers solution, I say no, Rogers calls I refuse to accept partial refund, Rogers refunds remainder, BBB asks if again if I was satisfied with Rogers solution, I say no, Rogers calls again wanting me to say I'm satisfied I say no and furthermore I'm looking to other service providers as Rogers charge too much, they offer me 350 additional minutes and free Canada wide long distance and I say thanks I. Won't leave just yet then. BBB asks if again if I was satisfied with Rogers solution, I say no Rogers phones again begging to solution, I say $10,000 they say no and accept that they cannot remove my complaint from BBB. You complain to better business bureaux (BBB) and eventually Rogers will no longer support or possibly create scams like this for their own profit. Take action, make corporate giants suffer for unethical and illegal acts disguised as third party services.

    • beenthere · 583 days ago

      I don't think your comment is that far from the truth re "...support or possibly create scams..."

      Made a post as 'beenthere' that describes some Rogers weirdness: http://800notes.com/Phone.aspx/1-888-204-1228

      However, for what it's worth, Rogers does provide the following for their customers (Canada):

      "Protection for Text Messaging SPAM

      "For your protection against unwanted spam text messages, send us a text message with the 10-digit wireless number of the spam message to 7726 (SPAM). As our thanks, we will credit your account $0.15 for each reported SPAM message and it’s free to report SPAM."

      Here's the link: https://www.rogers.com/web/content/wireless-produ...

      BBB sounds like a good route.

  33. sam · 602 days ago

    The number that I got this text from was 7162568174

  34. Wayne Lord · 591 days ago

    I received this type of message this morning. I appreciate that your website had most useful information. Thank you.

  35. freddy · 589 days ago

    i'm guessing that FIDO sold my number?? to these bastards, asI have a Fido phone in the Vancouver area as well, and keep getting the same texts from the states...wtf

  36. Rob · 587 days ago

    Have had two in the last four days (Victoria BC) , do erase the TEXT SMS msg but end up paying for it as I'm on a prepaid plan. Do they get these numbers from phone companies or or just do random number generation and send out .
    Very annoying...

  37. beenthere · 583 days ago

    Yeah. How do they get your cell number? - they know it's a cell, hence the texts.

    Replied to "Power to the people" , but it's not easily visible. I'll repeat part here that applies to Canadian Rogers mobile customers:

    "Protection for Text Messaging SPAM

    "For your protection against unwanted spam text messages, send us a text message with the 10-digit wireless number of the spam message to 7726 (SPAM). As our thanks, we will credit your account $0.15 for each reported SPAM message and it’s free to report SPAM."

    Link: https://www.rogers.com/web/content/wireless-produ...

  38. John Mark · 582 days ago

    Have received a text message, purportedly from Apple from tel nr [Number removed by editor] to go to [URL removed by editor] and claim a prize I have supposed to have won. As I have never put in for a compettion on my mobile, I do not trust this message. I am living in England, where I received it last night.

  39. Eve · 576 days ago

    I received a message in Swedish on my Swedish cell phone telling me that my phone operator had picked me as a winner. And a link to apple.se with a four digit code.

  40. Shameonthem · 564 days ago

    Shame on them. I received a message in the middle of the night from [redacted] saying in Swedish: your number has made you to a apple winner, go to [redacted] and put the code 3923 to claim your free apple-product!
    They should be dressed in feathers and being left in the desert!

  41. L. · 553 days ago

    I got this last night ( Netherlands) http://www.apple.nl.lrgiveaway.info/
    know it's scam but still waking me up in the middle of the night (no i don't turn of the phone just in case someone needs me) people who do this are some of the earth lowest life forms i can imagine.

  42. Jim Nolan · 476 days ago

    I received this SMS yesterday 26/12/2012 :-your number was spontaneously tabbed Apple's Overstock iwinner!Go to. http://ie.appleoverstock.cc &submit code 5742 to redeem your free MacBook now! The message originated from +1(631)428-6552. Hope this helps someone avoid these con artists

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.