Warning: Smishing campaign imitating the website of the Ministry of Labor and Social Affairs

The Cybersecurity Team of Masaryk University warns against a smishing campaign that imitates the pages of the Ministry of Labor and Social Affairs of the Czech Republic (MPSV) and thus tries to lure people into logging in to internet banking.

14 Nov 2022 Warnings


What’s going on?

Recently, several fake SMS messages have appeared that try to attract users to a fake housing allowance offer from the Ministry of Labor and Social Affairs. The messages contain fake domains such as post24-mpsv.cz or gov-mpvs.online. The attackers try to lure victims into clicking a link in the SMS that leads to a fake MPSV website.

The campaign is very sophisticated: the fake MPSV website looks very credible and does not contain grammatical errors. If the user clicks the "fill form" button on this page, they are taken to a fake bank identity page, where the attackers have created a fake login gateway for all banks. Even the QR codes are genuine and link to real bank websites. With this scam, the attackers try to trick users into logging in to their online banking and thereby obtain their login details.

What to do?

The attackers created a very convincing copy of the MPSV website, so the page may seem trustworthy at first glance. But don't be fooled, and check the URL of the page! Attackers deliberately make minor changes to URLs so that they imitate the official address as closely as possible (e.g., they use mpvs instead of mpsv). However, the only official website of the Ministry has the format mpsv.cz, while the official address linking directly to information on the housing allowance looks like this:
https://www.mpsv.cz/web/cz/-/prispevek-na-bydleni
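
The URL check described above can be automated, for example when triaging reported messages. The following is an added example, not code from the original warning: it accepts only mpsv.cz and its subdomains as official and flags any other host that carries "mpsv" or a one-edit variant such as "mpvs". The one-edit threshold and the host mpsv.cz.example.net are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL = "mpsv.cz"  # the only official domain format named in the warning
BRAND = "mpsv"        # the name the fake domains imitate


def osa_distance(a, b):
    """Edit distance that counts a swap of two adjacent letters as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # adjacent transposition, e.g. "vs" <-> "sv"
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]


def classify(url):
    """Return 'official', 'lookalike' or 'unrelated' for a URL or bare host."""
    parts = urlsplit(url if "//" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    # Official only if the host IS mpsv.cz or ends in ".mpsv.cz";
    # "post24-mpsv.cz" ends in "-mpsv.cz" and is a different domain.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Split every label on hyphens and compare each piece with the brand.
    tokens = [t for label in host.split(".") for t in label.split("-")]
    if any(osa_distance(t, BRAND) <= 1 for t in tokens):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    samples = [
        "https://www.mpsv.cz/web/cz/-/prispevek-na-bydleni",  # from the warning
        "post24-mpsv.cz",                                     # from the warning
        "gov-mpvs.online",                                    # from the warning
        "https://mpsv.cz.example.net/login",                  # constructed
    ]
    for s in samples:
        print(f"{classify(s):10} {s}")
```

The comparison is made on the parsed hostname rather than on the raw string, so an official-looking name placed in front of another domain or in the path does not pass as official.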

It is also necessary to beware of fake login gateways of individual banks. Here, too, it is essential to check the URL and verify that you are really on the official website of your bank. No bank will ever ask you to share sensitive data via phone, email, or SMS. If you suspect you have received a fraudulent SMS, email, or phone call, it is advisable to check the phone number or email address on the bank's official website. However, the best solution in such a case is not to share any details over the phone or email. Instead, raise the issue with the bank in person. This way you will avoid possible problems.

Conclusion

Smishing, which the attackers use in this fraudulent campaign, is a social engineering technique that exploits one of the most sensitive methods: psychological manipulation. You can read about other similarly insidious techniques, and get advice on how not to get scammed, in the online course we have prepared for you. We also recommend that you follow the activities of the Cybersecurity Team of Masaryk University, which warns of current threats.

