Do you use Venmo? Strange transaction text alerts convinced users to enter their credentials on a spoofed site to find out that no transaction exists, but the cybercriminal wipes out the money from the account.
There are more ways than ever today to pay people over the internet. Between PayPal, Venmo, CashApp, and direct bank transfers, there is no shortage of ways to make sure that any day can be payday — even for small, personal transactions.
But where there’s money, there’s bound to be scammers lurking in the dark and waiting to strike. According to Komando, because of how widespread the use of payment apps has become, cybercriminals and hackers are relying on increasingly complex tricks in order to fool their victims into handing over their savings. And the scary part: It seems to be working!
A new kind of scam has been targeting users of one of the most popular payment apps on the web. It comes in the form of a text message, and once you open it and enter your login credentials, your funds could be gone forever! Read on to learn how these scammers are getting away with it, as well as what to be wary of when a strange “security text” makes its way to your phone.
Mobile phishing scheme targets Venmo users and drains accounts
According to new reports from Fox Business, users of the payment app Venmo have become increasingly targeted by a sophisticated phishing operation with the goal of gaining access to as many accounts as possible. As of now, there’s no word as to who is behind the scam or where they’re located, but police are certain of the mechanism behind the attacks.
It all starts with a text message.
Usually, it’ll alert you that your Venmo account is about to be withdrawn by a third-party and requests your username, password, and bank card information in order to “cancel” the transaction. Of course, no such transaction exists, and the login page you’re being asked to enter your credentials into is a fake one set up by the scammers to harvest your information.
Once the scammers have gained access to your account, they immediately begin withdrawing the money inside.
What makes this scam particularly scary, however, is the fact that the message victims receive is uncannily similar to the real messages sent by Venmo. This shows that all one really needs to enact an effective scamming operation is some basic computer knowledge and a competent graphic designer.
I use Venmo. How can I protect myself?
Fortunately, the only way you can really fall victim to this scheme is by imparting the information the hackers request willingly. This requires you, however, to open and interact with the scammy text message making the rounds.
As we’ve reported previously, interacting with emails and text messages from users you don’t recognize is a dangerous prospect all its own. Sometimes, just opening a corrupted message is enough to ensnare you, so by using your best judgment when opening emails and texts, you should remain safe from harm.
In addition, setting up two-factor authentication never hurts either. That way, you’ll be alerted in the event a third-party attempts to access your account and ads an extra step that can potentially stump hackers.
Knowing the nature of the battlefield is critical to your success. Just like mama taught you not to talk to strangers, the same logic applies to emails and texts.
Gelinas, James. (2019, September 23). Don’t fall for this sneaky money-stealing texting scam. Komando.