William Tsing of Malwarebytes Labs has published a report detailing the technique behind an SMS-based phishing campaign targeting people looking for work via the internet.
The malicious SMS campaign uses targeted text messages to redirect victims to a phishing webpage that asks them to enter personal information after reviewing a job offer.
Essentially, when a person looks at the ad and clicks on the banner “Apply Now” it is redirected to a form where he / she enters a name, address e-mail and phone number.
The joke of the case is that the phishing page informs users that "All fields are mandatory, we will contact you within 24 hours after submitting your details."
After clicking "Submit Details" at the bottom of the form, the malicious page sends all the registered information to the attacker's servers and then redirects the victim to the official job search website to avoid suspicion.
According to Tsing 's study, the hackers target almost half of the labor market where about 49% of all employees are not satisfied with their work.
So, if you are looking for a job, make sure you do not fall over a phishing page. More specifically, if you ever get an SMS saying you can work from home and earn more than three times your current salary, you can delete the message without remorse, because 99% is a trap.