Iliad, SMS scam promises a double top-up, but empties the account

For a few days Iliad users have been receiving a message promising a double top-up, but it's a scam

Smishing is back and this time it's affecting Iliad customers. Since a few days some users are receiving a message promising a double Iliad top-up if you do it directly online. The text invites the user to click on a link that opens a page that seems to be the official one of Iliad, but that in reality has been created ad hoc by scammers. Just pay attention to the URL to understand that this is a scam.

It is good to emphasize that the phone operator has no role in this scam and that indeed is also a victim, because the crooks exploit his name. Iliad, however, is not the only company that in these weeks is used for smishing campaigns: the same happened to Euronics (we have already talked about it here) and also to Poste Italiane. For those who don't know what smishing is, it's a scam that uses SMS to cheat users and illegally obtain their personal data and also the credentials to access their current account. Here's what to do to defend yourself.

Iliad, the SMS scam: how it works

A simple but very effective message: "Iliad: if you recharge directly online Iliad gives you 100% bonus". If you do not pay much attention to the sender and also to the link in the text of the message, it is easy to fall into the trap set by the scammers. After all, who wouldn't want a free recharge? Once you click on the link you will land on a page (almost) identical to the official Iliad page for online top-up and you will be asked to enter your phone number and online banking account credentials.

The aim of the scam is precisely to gain access to the online home banking service in order to empty your bank account.

How can you defend yourself against this type of scam? First of all, if we receive a message that apparently seems to have been sent by our phone operator in which he gives us a top-up, it is always better to read up online and if necessary call customer support for confirmation. In addition, you should also pay attention to the text and check if there are any grammatical errors.

Smishing also affects Poste Italiane and Euronics

In this period the scammers are very active and smishing campaigns are also affecting Poste Italiane and Euronics. The hackers are increasingly using SMS scams instead of e-mails because there are no protections that block the receipt of messages: users must be able to recognize the scams.

In the case of Poste Italiane, the message invites users to click on a link to avoid the block of the current account after it has been suspended by the Antifraud Department. Clicking on the link opens a page identical to that of Poste italiane where the user is invited to enter their credentials. If you fall for the scam, you not only give away your personal data to the scammers, but also access to your bank account.

Similar case for Euronics. In this case, the message announces to the user that he is one of the lucky winners of a sweepstakes and to click on the link to collect the prize. The goal is always the same: to steal sensitive data.

Come difendersi dallo smishing

Visto il numero sempre più elevato di casi di smishing, bisogna ribadire quattro concetti piuttosto semplici:

  • non bisogna mai cliccare su link di cui non si conosce la natura;
  • non bisogna mai inviare i propri dati personali su siti poco affidabili;
  • installare un antivirus;
  • controllate sempre con la massima attenzione l’attendibilità della URL: basta poco per capire che si tratta di un sito falso.