Indeed, you may well have, but I'll bet, never with links looking for information.I think it probably is a scam. However looking at the text message, I see that it appears to come from the same account I have received genuine BOI communications in the past.
I think it probably is a scam. However looking at the text message, I see that it appears to come from the same account I have received genuine BOI communications in the past.
yesIf you click on a fraudlent link can this is itself release malware which can intercept transactions on your PC or phone?
If you click on a fraudlent link can this is itself release malware which can intercept transactions on your PC or phone?
I'm afraid not, clicking the link can be enough to trigger a malware/ virus download. Even clicking on such a link, you will be confirming to a scammer that they have a valid phone number/ email address that will see you get targeted more.In most cases, there is no particular risk involved in clicking the link. The risk arises when you enter information on the system at that link, which is often make to look like your online banking or other trusted system.
I agree on the 'do not click' conclusion, but aren't most browsers and indeed devices configured to block any download of executable code?I'm afraid not, clicking the link can be enough to trigger a malware/ virus download. Even clicking on such a link, you will be confirming to a scammer that they have a valid phone number/ email address that will see you get targeted more.
If in any doubt whatsoever, do not click the link.
Some will prompt you but the better coded exploits will work around those controls.I agree on the 'do not click' conclusion, but aren't most browsers and indeed devices configured to block any download of executable code?
Some useful details here; https://security.stackexchange.com/questions/172582/do-drive-by-attacks-exist-in-modern-browsersSome will prompt you but the better coded exploits will work around those controls.
Well, it's the thoughts of another anonymous person on an internet forumSome useful details here; https://security.stackexchange.com/questions/172582/do-drive-by-attacks-exist-in-modern-browsers
Would seem to suggest that it would require either outdated browser or other software on the device to be exploited, or a zero day exploit - unlikely but not impossible.
Thanks, do you know how a direct download link works on a mobile phone? It's not going to install an app, presumably? So at worst, it might be trying to install a browser extension, which presumably most browsers would block?Well, it's the thoughts of another anonymous person on an internet forum, but focused on drive-by exploits on computers, and not clicking on a malicious SMS link as per this thread. Drive-bys involve the triggering of a download without having to click on a link, download button, etc.. As you say, most browsers have stepped in to address that, so the criminals have moved on, no point spending time trying something that might never work.
Some of the links you will find circulating via SMS are direct download links, and not just a link to a website that hosts a drive-by or an attempt to fool you into providing personal information.
Thanks, I had heard of that one, but had forgotten the detail.Rather than a html page, the link would point to a compromised document or media file that would then depend on exploiting a vulnerability in the app used to open it. FluBot was an apk that most phones will block by default, but it's capable of presenting instructions to the user fooling them into disabling security measures, so clicks involved but lots of people were fooled.
That all depends on whether they're trying to fool the user into disabling controls or they're going after a vulnerability that can bypass without user intervention. That's getting harder all the time, but I don't foresee a day when all OSs and browsers will be vulnerability free.You'd need to go a fair bit past clicking the link, with other clicks, to do the damage.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?