How a phishing scam took over my phone and how I recovered

On September 6, 2024, I received what seemed to be a routine text message about a delivery I was expecting. The message, supposedly from The Courier Guy (the company handling my package), requested a clearance fee payment through a link. Since I was anticipating the delivery that day, it appeared legitimate, but there was one red flag: I had already paid the delivery fee on the official website.

Curiosity got the best of me, and I clicked the link. The site initially seemed secure, using https, suggesting it was encrypted and safe for entering personal information. The website looked authentic, with the company logo, slogan, and even the tracking number. However, I started getting suspicious when they demanded I enter my credit card details "for quick processing and delivery."

Then, I noticed that the original URL had redirected me to one with an extra "s" in the company's name and that this URL did not match the official company website.

A quick Google search of the original URL led me to Scam-Detector’s analysis, which stated, “The Scam Detector website Validator gives cl.gy the absolute lowest trust score on the platform: 0.5. It signals that the business could be defined by the following tags: High-Risk. Phishing. Beware.”

Fortunately, I did not enter my credit card details, and I quickly closed the site, but soon after, my phone became unresponsive. I couldn’t even switch it off.

I managed to contact my manager at Paubox, who advised me to turn my phone off, change all my passwords, and enable two-factor authentication (2FA). After multiple attempts, I managed to power down the device, used my computer to update passwords and activate 2FA, and then cleared my browser history, cache, and cookies. 

Thankfully, I could switch the phone back on, and everything returned to normal.

So, what caused my phone to become unresponsive?

What I experienced was a classic phishing scam, where malicious actors pretend to be legitimate organizations to trick potential victims into providing sensitive information or downloading malware. 

I hadn't updated my phone’s security software in about a month, which could have left it vulnerable, and despite having antivirus software on my phone, it didn’t detect any malware.

Since I didn’t enter any payment information, the suspicious URLs and the phone’s unresponsiveness suggest that malware was involved. Evidently, phishing scams are becoming more sophisticated, and anyone can fall victim. In my case, if I had known that the cl.gy domain was associated with phishing scams, I would never have clicked on it.

 

What others should do to protect themselves

Always verify URLs: Double-check the website’s domain, even if the message looks official. Legitimate companies will have consistent and correct domain names.
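The check described above can be automated. The following Python sketch is an added example, not code from the author or from any courier company: it classifies a link by hostname only, since `https` says nothing about who runs the site. The official domain `courier.example` and the sample links are constructed placeholders; `cl.gy` is the shortener named in this article.

```python
from urllib.parse import urlsplit

# Assumptions: courier.example is a placeholder for the real official domain;
# cl.gy is the link shortener named in the article.
OFFICIAL_DOMAINS = {"courier.example"}
SHORTENERS = {"cl.gy"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url: str) -> str:
    """Return 'official', 'shortener', 'lookalike' or 'unknown'.

    The URL must include its scheme; the scheme itself is never consulted.
    """
    # .hostname drops any user@ prefix and port, so "official@evil" tricks fail.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    for dom in OFFICIAL_DOMAINS:
        # Exact match or a genuine subdomain of the official domain.
        if host == dom or host.endswith("." + dom):
            return "official"
    if host in SHORTENERS:
        return "shortener"  # destination is hidden; do not trust as-is
    for dom in OFFICIAL_DOMAINS:
        # One or two character edits (the extra "s"), or the official name
        # used as a leading label of some other domain.
        if 0 < edit_distance(host, dom) <= 2 or host.startswith(dom + "."):
            return "lookalike"
    return "unknown"


# Constructed sample links, in the order a redirect chain might show them.
SAMPLES = ["https://cl.gy/abc123", "https://couriers.example/track?id=1",
           "https://track.courier.example/", "https://courier.example.pay-fee.test/"]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link}")
```

The two-edit threshold is a tuning choice and can produce false positives for very short domain names.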

Update security software: Regularly update built-in security software so the device is protected against new threats.

Enable two-factor authentication (2FA): 2FA improves security defenses, preventing unauthorized access, even if your password is compromised. Follow Google’s Help Center guidelines:

  • Open your Google Account.
  • In the navigation panel, select Security.
  • Under “How you sign in to Google,” select 2-Step Verification > Get started.
  • Follow the on-screen steps.
  • Click Turn on 2-Step Verification.

Clear browser data: While deleting browser history, cache, and cookies doesn’t address underlying issues like malware, it can help prevent the phishing site from continuing to track your activity or trying to re-engage using cached or persistent cookies.

Educate yourself: Stay informed about common phishing tactics. Be aware of potential scams to recognize and avoid them. As the UPS shipping support site advises, “If you are unsure of the validity of a text, do not click or select any links or open any attachments as they may contain a virus.”

Read also: Why people still fall for phishing attacks in 2024

 

FAQs

What is phishing?

Phishing is a cyberattack where attackers impersonate legitimate entities to deceive individuals into disclosing sensitive information, like passwords or financial details. The attackers usually send fraudulent emails with links that lead to websites running malicious code or that download and install malware.

 

Does HIPAA apply to phishing attacks in healthcare?

Yes, phishing attacks in healthcare fall under Health Insurance Portability and Accountability Act (HIPAA) regulations. Phishing attacks compromising the privacy and security of protected health information (PHI) can lead to severe penalties, including fines and reputational damage.

 

How can healthcare organizations verify their text messages to patients?

Healthcare organizations must give patients verified contact information via official communication channels like HIPAA compliant text messaging.