Sophos Cloud Optix
Have you received an SMS message, seemingly from Apple, on your mobile phone telling you that you have won a prize in a contest?
SophosLabs researcher Onur Komili told Naked Security that he was browsing his Facebook newsfeed this weekend, when he saw a friend – let’s call him Freddie – post a screenshot of the text message.
Seven of Freddie’s friends in the Vancouver region also reported that they had received the exact same text message. A quick search on the net found a number of people had received the same spammed-out SMS message.
Things really piqued Onur’s interest, however, when he himself then received it on his iPhone!
Congratulations, Your entry into our contest last month made you a WINNER! Goto [LINK] to claim your prize! You have 24 hours to claim
Although the phone number it was apparently sent from was different from the one that his friend had received, Onur recognised the same dodgy link.
Because, of course, that’s not a link that is going to take you to Apple’s website at apple.com, but to a website called textwon.com instead.
Textwon’s WHOIS information reveals that it is a brand new domain, registered on May 4th 2012. The actual contact information for who registered the domain is hidden behind by a domain privacy service, but the A-Record IP address of the domain is linked with others that are known to have hosted malware, scams, adware and fake anti-virus in the past.
In short, this is clearly a link that should be avoided.
If you did make the mistake of clicking on the link, you can find yourself redirected to a number of different websites depending on where in the world you are based – including the perennial “Win a free iPad by filling in this survey” scams.
Frequently such scams will dupe you into believing you have won a prize, and ask you to enter your cellphone number. If you’re not careful and don’t read the small print, you will find that you have accidentally authorised a premium rate service to sign you up as a subscriber – adding dollars each week to your phone bill.
Always take care about clicking on links sent to you out of the blue, even if they arrive on your mobile phone.
ah the classic .com subdomain
got one of those this morning, though this one comes from welovetablets.net – it says to opt out goto celloptout.com. Yeah…. like I'm gonna do either.
You can contact abuse@ipage-inc.com and report the domain welovetablets.net as a spammer. And abuse@namecheap.com to report celloptout.com. This is the best we can do.
Received this the other day on mine. I just deleted it – I never, never follow thru on those types of emails. Have received them from "Walmart" and others, but can't remember who all. I'll repost your news on my FB status page to let others know it's Spam,
Nancy Bell
Shocker… not. Simple idea: if you didn't actually enter a contest, you didn't win it!
On most browsers, you can see the actual URL of a link by hovering the cursor over the link. I don't have an iPhone, but is something similar available on mobile devices? It would make sense to mandate this information by default, since there is nothing in HTML that requires an anchor and its href to match.
I am afraid there is a way to get "trapped" even by mouse-over the link. It's not hard so don't be ensured that this is a solution. Just saying.
I think I know this Freddie guy!!
I have had subscriptions, like you speak of, added to my acct WITHOUT authorization. Simply receiving the text was enough. I contacted my provider and arranged to have restrictions put on all the phones on my acct so that no subscriptions or purchases could be made and added to my bill. It’s intended to prevent a child from making outlandish purchases but works well in this instance. It doesn’t stop me from making any iTunes or App Store purchases, only those that would be added to my bill. I highly recommend everyone do this. Or check your bill closely every month.
registered the domain is hidden behind by a domain privacy service, but the A-Record IP address of the domain is linked with others that are known to have hosted malware, scams, adware and fake anti-virus in the past……..
Its about time that firms, that host or sell these domain names are fined when spammers are found to be using their services
I second that motion!!
So … "If you're not careful and don't read the small print, you will find that you have accidentally authorised a premium rate service to sign you up as a subscriber – adding dollars each week to your phone bill."
Why can't they now arrest and shut down the people behind this premium rate service?
Omg I had filled in a application to win a iPad and other stuff how do I no if it is a scam and what do I do
Really, I cannot understand why people still get suckered in by this type of attack? How hard is it to realize it's an unsolicited email/text/sms/etc., so just delete it? Take the one above, "your entry in our contest last month made you a winner", uh, I think I'd know if I entered a contest. And yet, there are people out there that despite the random email for a contest they didn't enter STILL CLICK THE LINK?!? All I can ask is, WTF Dude, WTF? A friend of mine coined the term for this kind of thing as "uncommon sense", I think it fits.
I just about got suckered as my message was from a person to add a msg tool called TextMe from a name I actually know. But the number of the sending text was wrong so I started checking. Plus I hate adding apps…
I received one that used the short code “27367” saying “You are one lucky customer getting a 25% discount on your next months bill, please visit…” (and it gave a website). I’ve never encountered anyone but AT & T that used short code directly to my text messaging account, so I clicked the link, it looked like the AT & T website. I chatted with AT & T and they stated that they hadn’t sent any text messages to me recently. Never-the-less I had already clicked n the link. It’s not that hard to be fooled Like I said, I never heard of text messaging spam before, especially one’s that disguise themselves as at & t
hi guys – just got the spam SMS message and now i've seen it originating from 3 domains. the one you advised above, and the following: www.apple.com.wonacontest.com www.samsung.com.wonacontest.com (this one advises to email the samsung CFO at smasungCFOatSamsung@hotmail.com (or gmail).
i received a sms from 19177563664 stating virtually the same content as previous posts. link sent was. http://www.apple.com.au.wonacontest.com.
I just got the same dodgy sms with the dodgy URL hSNIPp://www.apple.com.au.wonacontest.com the SMS was from +1 (718) 6859742
Have reported it to ACMA and tweeted it too….
just got a scam message in Canada from a +12127291744 number. idiots. supposedly from bestbuy.ca.wonacontest.com
Just got a scam message in Australia supposedly from Apple telling me to go to [REDACTED] to claim my prize by going to last page and enter a 4 digit code to claim.
ugh now australia is copping it..i got one twice in one day..telling me to go to the australian apple website and put in a 4 digit code…no thanx even if it is real unless it a free i-phone or an apple computer i dont want it tyvm
ok, so I am in australia, and yes I am stupid (not usually) but I replied.
So what do I do?
I have contacted my phone provider but am unable to know if direct debits are occurring.
What do I do?
I got one of these yesterday. The domain is now not "won.com" but "qhknb.com".
yup, im from Aus and just receive one too.
Message below…
"The Entry You Made Has Won! Goto http://www.apple.com.au.cvtya.com/?=MYNUMBER"… To claim the prize. You have 24hours to claim.
Replay STOP to Optout.
201216
Is it safe to send STOP to optout? Or will that just allow them more access? I get the txt at least once a week
Is it safe to send STOP to the opt out number? I'm worried if I do it then they might charge my mobile bill
Rogers is telling me to send STOP. I also doubt it will do anything good… but I'm fed up to receive these #$%@ text!!
received message same as james 31-7-2012
Received a similar message also. Knew it was a scam straight off but out of curiosity I clicked on the link (in hindsight bad idea). As soon as I saw I was being redirected I exited immediately and didn’t wait to see what site came up. Can this cause any harm?
I received an SMS today. A few minutes ago in fact. The details are:
from: 1-307-223-6721 (Wyoming area code)
message: Congratulations, your today’s Apple winner! Go to [REDACTED] and on last page enter code: 2916 to claim your Free Apple Product.
The grammatical errors alone stopped me from going further, except to post on this site.
I received one last night.
From: 202-664-7420
message: Congratulations, your number has made you Apple's Winner! Go to http://apple_ca_wstw_cc and enter code: 5417 to claim your Free Apple Product!
Slightly different than others but the same bullshi@ scam.
I just received the same as dAbEaR, DELETE!!! thanks for posting all the info!
I received an SMS Aug 13/12 from (310) 467-3470:
Congratulations, your number has made you Apple’s Winner! Go to [Web page URL] and enter code 3799 to claim your Free Apple Product!
Will be deleting! Thanks for the info 🙂
I got two of these today in 6 hours. I'm concerned I'm being charged for receiving the text messages. :-/
I received a similar message, but "apple.ca". How do they get our phone numbers? I never give it out…
Washington state. Received text message also this date …so it's still going on. Didn't bother to do anything other than immediately delete it (I don't believe in the tooth fairy or the Easter bunny or free lunch or money growing on trees either, so why should I believe that because my phone number is **special** I "won" a contest I didn't enter LOL …what stupid dickweeds). I did google the phrase (out of curiousity), and ended up here. Thanks for the public service.
Yes Rogers charges me for this crap and I argue it's not mine, Rogers says take it up with them, I try but only have cancel option not complaint access, back to Rogers they refuse to remove charges. I complain to better business bureaux (BBB) Rogers refunds part of third party, BBB asks if I was satisfied with Rogers solution, I say no, Rogers calls I refuse to accept partial refund, Rogers refunds remainder, BBB asks if again if I was satisfied with Rogers solution, I say no, Rogers calls again wanting me to say I'm satisfied I say no and furthermore I'm looking to other service providers as Rogers charge too much, they offer me 350 additional minutes and free Canada wide long distance and I say thanks I. Won't leave just yet then. BBB asks if again if I was satisfied with Rogers solution, I say no Rogers phones again begging to solution, I say $10,000 they say no and accept that they cannot remove my complaint from BBB. You complain to better business bureaux (BBB) and eventually Rogers will no longer support or possibly create scams like this for their own profit. Take action, make corporate giants suffer for unethical and illegal acts disguised as third party services.
I don't think your comment is that far from the truth re "…support or possibly create scams…"
Made a post as 'beenthere' that describes some Rogers weirdness: http://800notes.com/Phone.aspx/1-888-204-1228
However, for what it's worth, Rogers does provide the following for their customers (Canada):
"Protection for Text Messaging SPAM
"For your protection against unwanted spam text messages, send us a text message with the 10-digit wireless number of the spam message to 7726 (SPAM). As our thanks, we will credit your account $0.15 for each reported SPAM message and it’s free to report SPAM."
Here's the link: https://www.rogers.com/web/content/wireless-produ…
BBB sounds like a good route.
The number that I got this text from was 7162568174
I received this type of message this morning. I appreciate that your website had most useful information. Thank you.
i'm guessing that FIDO sold my number?? to these bastards, asI have a Fido phone in the Vancouver area as well, and keep getting the same texts from the states…wtf
Have had two in the last four days (Victoria BC) , do erase the TEXT SMS msg but end up paying for it as I'm on a prepaid plan. Do they get these numbers from phone companies or or just do random number generation and send out .
Very annoying…
Yeah. How do they get your cell number? – they know it's a cell, hence the texts.
Replied to "Power to the people" , but it's not easily visible. I'll repeat part here that applies to Canadian Rogers mobile customers:
"Protection for Text Messaging SPAM
"For your protection against unwanted spam text messages, send us a text message with the 10-digit wireless number of the spam message to 7726 (SPAM). As our thanks, we will credit your account $0.15 for each reported SPAM message and it’s free to report SPAM."
Link: https://www.rogers.com/web/content/wireless-produ…
Have received a text message, purportedly from Apple from tel nr [Number removed by editor] to go to [URL removed by editor] and claim a prize I have supposed to have won. As I have never put in for a compettion on my mobile, I do not trust this message. I am living in England, where I received it last night.
I received a message in Swedish on my Swedish cell phone telling me that my phone operator had picked me as a winner. And a link to apple.se with a four digit code.
Shame on them. I received a message in the middle of the night from [redacted] saying in Swedish: your number has made you to a apple winner, go to [redacted] and put the code 3923 to claim your free apple-product!
They should be dressed in feathers and being left in the desert!
I got this last night ( Netherlands) http://www.apple.nl.lrgiveaway.info/
know it's scam but still waking me up in the middle of the night (no i don't turn of the phone just in case someone needs me) people who do this are some of the earth lowest life forms i can imagine.
I received this SMS yesterday 26/12/2012 :-your number was spontaneously tabbed Apple's Overstock iwinner!Go to. http://ie.appleoverstock.cc &submit code 5742 to redeem your free MacBook now! The message originated from +1(631)428-6552. Hope this helps someone avoid these con artists
Great, but there doesn’t seem to be any advice for those of us who were stupid enough to click through. Yes we were very stupid – yes it’s almost unbelievable how stupid we were – but please advise on how to stop being scammed any further – how do we stop them charging us for these messages??? In grateful anticipation ( and deep humility ) thank you.
DON’T CLICK ON LINK: (8-8-17 @ 3:43 pm CST)
I just received SMS short code 27367 that has following text: “Worried about Virus and Hackers? Protect your privacy with professional security app rated 4.7 trusted by over 500 million on Google Play.”
It then gives a link supposedly to Google play. However, not clicking on it nor posting link here, since it’s probably got a virus.
Don’t know who sent, as there is no company name or ID code of any kind. Therefore, counting it as spam & deleting. Especially, after doing a search on it, as apparently this is a SCAM, as I’ve seen a few negative postings associated with this SMS code on various sites.
Just remember a once in a lifetime opportunity comes around about every 58 emails.