If you’re a Verizon customer who’s been getting mysterious spam text messages that look like they come from your own phone number, you’re not alone. Multiple Verizon customers have reported receiving similar messages this week, in which they’re encouraged to click an obscure link to receive a gift. The carrier says it’s working with police to stop the texts.
“Verizon is aware that bad actors are sending spam text messages to some customers which appear to come from the customers’ own number,” a Verizon representative said in an emailed statement. “Our team is actively working to block these messages, and we have engaged with US law enforcement to identify and stop the source of this fraudulent activity.”
A relative of a CNET team member got a text that matched the description of similar messages that were received by other Verizon customers and have been called out in social media and news reports. “Free Msg: Your bill is paid for March,” the message said. “Thanks, here’s a little gift for you.” The message included a cryptic link that made it impossible to know what it was about.
In some cases, the links in these texts direct people to what looks like a prompt to take a Verizon customer survey. “Dear Verizon customer, we would like to personally thank you for always paying your Verizon bills on time by giving you a Free Apple Watch Series7!” the message says. “All we ask from you is to answer a few quick questions about your recent experiences with Verizon’s services.” The message ends with a link to take the survey, encouraging the recipient to take it as soon as possible because “this exciting offer is only available today.”
The uptick in spam messages that mobile phone users are receiving comes after the US government doubled down on its fight against robocalls. Last year, the US Federal Communications Commission mandated that phone and cable companies implement a technology called Stir/Shaken that’s designed to curb the tide of spam calls by requiring voice providers to verify where calls are coming from. The move has, however, led criminals to explore other avenues to keep trying to scam mobile phone users.
“Stir/Shaken has shut down one avenue,” Clayton LiaBraaten, senior advisory board member at Truecaller, which makes a spam-blocking and caller ID app, told CNET in December. “But it’s making already very capable criminals even more sophisticated and sinister in their scams.”
A Verizon customer who received a spam message almost identical to the one received by the CNET employee’s relative posted about it in December on the Verizon Community blog, wondering if the message and link were some sort of phishing attempt. “We cannot confirm it is a valid link” a Verizon customer support representative said in a reply to the post. “We recommend not pressing on it.”
Spam texts like these are one of many forms of phishing, where hackers make use of human error to gain access to sensitive information, typically by preying on gaps in a victim’s tech savvy. Instead of a brute force attack, the cybercriminal poses as a legitimate organization or a familiar face — in this case texts from a victim’s own phone number — and issues a call to action that sounds either fun or urgent (which gives victims little time to think twice). Hackers can use a technique called “spoofing” to disguise their identity by deliberately falsifying the information transmitted to your caller ID display.
After you’re lured into a false sense of security and take the bait, the phisher nets your sensitive information. Phishing attempts aren’t exclusive to mobile phones. They can be disguised as quizzes or questionnaires on social media, too, with questions designed to trick you into revealing info you might use to verify your accounts.
If you receive a mysterious text message encouraging you to click on a link, verify the origin of the message before taking any further action, even if the contact seems legitimate — including your own phone number.
In what the company calls a “firm stance against racism,” the review site Yelp will warn consumers when a business has been reported for racist behavior.
The company said it would only add this alert to a business page “when there’s resounding evidence of egregious, racist actions from a business owner or employee.”
This will include behavior such as “using overtly racist slurs or symbols.”
“As the nation reckons with issues of systemic racism, we’ve seen in the last few months that there is a clear need to warn consumers about businesses associated with egregious, racially-charged actions to help people make more informed spending decisions,” the San Francisco-based company said in a Thursday statement.
On social media, the announcement prompted some praise, but also skepticism from users who questioned how the initiative would be enforced.
The company said the alert will require a news article from a “credible media outlet.” A link to the article will accompany the notice, and it will appear over the reviews until dismissed.