Hackers Use SMS Phishing Scams to Trick Rogers Customers with Outage Refunds
Screenshots Shared on Social Media Show SMSs Claiming to Be from the Canadian Media Company.
Rogers Communications Inc. is warning Canadians to keep an eye out for SMS phishing scams offering to reimburse customers for the system outage earlier last week.
An update for our valued customers: We know you depend on us & yesterday we let you down – for this we are truly sorry. (1/4)
— Rogers News (@AboutRogers) April 20, 2021
Users were blocked from accessing wireless voice and data services after the company suffered an outage throughout Canada a week ago. Now threat actors are sending malicious text messages asking recipients to click on a link to claim their rebate.
An SMS posted on social media fakely claims that “R0GERS WIRELESS INC.” (spelled with a zero instead of the letter O) is offering a $50 credit if people click on a provided link.
Image Source: Twitter
Rogers responded that it never sends credit notifications by text and urges anyone receiving such a message not to click on the embedded link. What’s more, the company explained that the credit amount will vary depending on the wireless plan and won’t include a registration link.
Will I receive a text message or email that I need to respond to in order to collect the credit?
No, we will not be sending you a text message or email – this credit will be automatically applied to your account. No action is required on your part and you will see the credit on your next bill dated on or after May 1.
The 16-hour wireless system outage on April 19th was traced to an Ericsson software upgrade that caused devices to be disconnected from the network, the company revealed.
A message from Rogers CTO Jorge Fernandes to customers the next day said
We have addressed the software issue and our engineering and technical teams will continue to work around the clock with the Ericsson team to restore full services for our customers.
- Check the email address, not just the sender’s name. Watch for extra words, symbols, or substituted letters, especially in the domain name.
- Links and attachments may contain malicious software, so don’t click or open them. Instead, go directly to the source’s official site.
- Requests for personal information are a red flag. Major institutions, such as banks and government services, don’t ask for those details through email or text.
- Be cautious if the sender requires a quick or urgent response.
- Spelling and grammar mistakes are common in basic phishing messages, so read the message carefully.