Researchers have uncovered a long-running scam that exploits fake CAPTCHA pages to trick mobile users into sending multiple international SMS messages without their knowledge.
This scheme, known as International Revenue Share Fraud (IRSF) or SMS pumping fraud, takes advantage of complex telecom billing systems to generate revenue for cybercriminals.
In this scam, Victims are led to a fake CAPTCHA page via malvertising, where they are prompted to click a button that opens their SMS app with pre-filled messages to various international numbers.
Each message sent can result in significant charges, often amounting to around $30 per person, with a portion of the fees going back to the scammer.
To prevent users from exiting the scam, the pages use JavaScript to hijack back-button functionality.
This operation defrauds individuals and telecom carriers alike, leading to unexpected charges on mobile bills.
To protect yourself, never send an SMS to verify human identity.
Regularly check your mobile bill for unfamiliar international charges and consider using mobile protection apps to block known malicious sites.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
