A new message that came to our mobile phone this afternoon caught our attention. It was from an unknown user and urged us to go to by clicking here smsfoto.net to see a new photo. As you guessed, it is of course another message Phishing.
The sms arrived from the sender INFOmessage and had as text the following: "You received - (1) - new photo: http://smsfoto.net/c/d?i=Fwi614DG3a". The lack of the name of the real sender as well as the text of the message which was not usual, made us suspicious and so we tried the link not from the mobile phone, but from a pc.
Opening our page, an advertisement of the Sklavenitis super market appeared, which mentioned that it was bad translation that we can claim an award if we state our age. Knowing now that this is one phishing page we began to wonder about her, looking for who might be hiding behind her.
The page after 4 seconds flew us to a second, http://apple2win.com/page?cam=10274&country=gr&pub=129&aff_id=1170&click_id=5Fw614DG3a, which now asked us to fill in our mobile phone offering us 500 euros in a gift certificate from Sklavenitis.
Of course we did not proceed. Both websites are hosted in the Netherlands, on the servers of Leaseweb, a well-known company companyserver rental company that has been active in the market for over 15 years. The two domains are from GoDaddy. The 1st domain, smsfoto.net without the rest of the original URL address, gave us a blank page, while the domain apple2win.com gave us that behind it is the company LS Solutions which in Greece is represented (??) by DIMOCO Greece SOLE REPRESENTATIVE IKE with phone number 2111982818.
A simple Google search of this phone showed that the number belongs simultaneously to the companies Cellyobi of PINICO BV, Cytech Ltd, cooliyobi of Sur.ly, Slickly and several others. All of them manage the domains celllyobi.com, www.sur.ly, slick.ly, www.cooliyobi.com, www.apple2win.com, http://halocell.com (watch out for porn), and of course smsfoto.net
It seems that these people once sold sms through the internet, before engaging in more lucrative activities. With the name INFOmessage in sms messages, we found a Greek company that does this job and specifically sells packages of sms messages in which the sender does not appear but only the name INFOmessage. Because we are not sure if they are involved, we do not name them.
Conclusion. Always be suspicious when you receive messages, sms, emails from people you either do not know or who do not show who they are. Be aware that if something sounds too improbable, then it is almost certain that it is not true.
Hi to all. Yesterday they came to me two and / or the same problem as in the article and yes they both had avast. Different models. No solution. For format restore complete.
When referred to as phising, sending such messages is not meant to be a virus that will be truncated through a format. Phishing means sending messages where you are asked to give your information and / or to be charged (giving your details).
So, someone with a headache used your mail or your mobile number (if it also came on a mobile phone) just to make fun of you, to take your data (and in this case) to make you… lighter in your pocket by charging you very expensively and useless SMS.
Not only is there suspicion and caution against such situations.
In this case the (non-existent)… state should have taken a position (at least) since the beginning of 2016 when the "issue" with these… companies had arisen.
More detailed I quote and it may be good to indulge the present MAY with your own article, to the competent Authorities.
22-5-2016: http://bankingnews.gr/index.php?id=252816
23-5-2016: http://www.tyropoulos.gr/%CF%8C%CF%81%CE%B3%CE%B9%CE%B1-%CE%B1%CF%80%CF%8C-%CE%B5%CF%84%CE%B1%CE%B9%CF%81%CE%AF%CE%B5%CF%82-%CF%80%CE%BF%CF%85-%CF%83%CF%84%CE%AD%CE%BB%CE%BD%CE%BF%CF%85%CE%BD-5%CF%88%CE%B7%CF%86%CE%B9%CE%B1-s/
21-7-2016: http://www.bankingnews.gr/%CE%B5%CF%80%CE%B9%CF%87%CE%B5%CE%B9%CF%81%CE%AE%CF%83%CE%B5%CE%B9%CF%82/item/262467-%CF%84%CE%B9-%CF%85%CF%80%CE%BF%CF%83%CF%84%CE%B7%CF%81%CE%AF%CE%B6%CE%B5%CE%B9-%CE%B7-dimoco-%CE%B3%CE%B9%CE%B1-%CF%80%CF%81%CF%8C%CF%83%CF%86%CE%B1%CF%84%CE%BF-%CE%B4%CE%B7%CE%BC%CE%BF%CF%83%CE%AF%CE%B5%CF%85%CE%BC%CE%B1-%CF%84%CE%BF%CF%85-bankingnews.html
And the above happened under: http://www.geminet.gr/_intradownload/60a6237a-6943-489c-9703-2d48311afee0.pdf
Good continuity and success for those involved. I'm bored :) (let me have other primary ones).