Spam wave after Facebook data leak: How to stop unwanted text messages

Data of over 500 million Facebook users, which originated from a leak in 2019, has recently resurfaced on the Internet. Since the leaked data also includes numerous cell phone numbers, many users are currently receiving intrusive SMS spam. Here's what you can do about it.

Facebook can claim 1,000 times that the circulating data originates from an older leak and that the breach has long since been closed: The fact is that over 500 million data records of Facebook users have been offered by cybercriminals on the Internet in recent days. In addition to names, the data also includes cell phone numbers, locations, and in some cases birth dates and mail addresses. As it turns out, affected users from Germany are currently receiving more SMS spam messages.

You can easily check whether your data has also been tapped. You can use the web app from Have I Been Pwned to search for your email address and, more recently, your cell phone number. As it turns out, there are significantly more mobile numbers in the records. Enter your mobile phone number in the international format, which means you prefix "+49" for a German number, in exchange you omit the "0" at the beginning of your phone number. The number 01234567 then becomes "+491234567".

First wave SMS spam

Many users in Germany are currently noticing the Facebook leak via an increased volume of SMS spam. The method is not new, but the senders seem to be making use of Facebook's leaked cell phone numbers. Currently, these are often fake package notifications. Users are asked in the messages to tap on a link to see where an alleged package delivery is located. However, instead of the package status, users are redirected to malware pages.

The messages we have seen so far are not very well made. First of all, you see the number in plain text in the sender and not references to parcel service providers like DHL or DPD, moreover, the links are often suspicious at first glance because they point to unusual domains. But sometimes you can be fooled by a quick read and don't recognize spelling mistakes in domains. If you receive such a text message, you should not tap on the link it contains and certainly not type in payment data or passwords on websites that are opened afterwards.

Spam protection for Android

Android users have built-in spam protection in the Messages app and it is enabled. You can check this in the app's settings. Tap the "Spam protection" item there. There is then only an on-off switch at the "Activate spam protection" option. But this function alone does not perfectly protect you from unwanted messages.

If you have already received packet spam or similar via SMS, press and hold the message briefly and select "Block" as well as "Report spam". This will allow you to stop spam SMS from the number you are using. However, since attackers usually change sender numbers pretty quickly, you may have to go through this procedure more often.

For Android, there are also special apps that tackle the whole theme even more comfortably. Calls Blacklist, for example, can hook in as an SMS app and then block all SMS messages from senders not in your contacts, for example. This sounds good, but you should be careful because many companies also use SMS as a notification tool.

Block unwanted SMS on iPhone

For iPhone users, of course, "be attentive" also applies. You can also simply delete a few SMS spam messages or select the sender and then tap "Info". Select "Info" again and then "Block callers". Again, if the SMS spammers change the number, you will have to answer again.

Practical in this case is a function that you can find in the "Settings" under "Messages". Scroll down a bit to "Message filter" and turn on "Filter unknown senders". This will sort iOS iMessages into a separate list if they come from senders not found in your contacts. Classic SMS messages, however, are not taken into account.

What to do if you have already tapped the link?

It is impossible to say exactly what happens when you tap one of the spam links. The range of possibilities is extensive: It is possible, for example, that you end up in a subscription trap, that passwords are forked over, or that someone tries to foist a contaminated app on you that spies on you.

If you have really been tricked into signing up for a subscription, you should try to cancel the subscription if you can find out who the provider is. In addition, you should block the means of payment used, such as credit cards, and report the matter to the police.

Basically, in such a case, it is no longer guaranteed that your device is still safe. The most alarming signs are unwanted apps on your device and intrusive advertisements that are difficult to disconnect. What you should do in such a case? If available, restore a backup of the phone. If you do not have a backup at hand, a reset will help, but you will also lose content when you reset the device to factory settings.

The Federal Network Agency also has a way to report SMS spam.

Read more here:
https://blog.spaces.cloud/2021/04/data-from-533-million-facebook-users.html

Comments

Post a Comment

Popular posts from this blog

Chrome targeted by criminals: Why users need to update quickly now

A security vulnerability in Google Chrome is currently being exploited by cyber criminals. Malware could land on your PC through it. Read here how you can protect yourself. The Google Chrome browser is currently struggling with some security vulnerabilities. In a blog post , Google warns about a total of seven vulnerabilities, with the majority of these gaps being classified as a "high" threat to users. The vulnerabilities have been fixed in the latest version of Chrome for Windows, Linux and macOS. If you have Chrome version 90.0.4430.85 installed, it can no longer be exploited. If you have an older version of the browser installed, you should update urgently. You can find the download of the new version below these lines. Smartphone users do not have to be afraid of the security vulnerability. Google has not had to take any security measures here for the time being. The security vulnerability probably remained undiscovered by cyber criminals for the time being. So far, noth...
Read more

Face and voice recognition: Why TikTok wants to be allowed to collect biometric data in the USA

TikTok's privacy policy for the US now mentions the collection of biometric data from faces and voices. The background is likely to be a legal dispute that cost the company $92 million. Neue Datenschutzbestimmungen sind oft eher etwas für Juristen, doch die jüngste Aktualisierung von TikTok sollte alle Nutzerinnen und Nutzer in den USA aufhorchen lassen. Denn in den am 2. Juni aktualisierten Datenschutzbestimmungen für die USA ist ein Abschnitt enthalten, den es zuvor nicht gab. Er lautet übersetzt: »Wir sammeln möglicherweise biometrische Identifikationsmerkmale und biometrische Informationen, wie sie im US-Recht definiert sind, wie etwa von deinem Gesicht und deiner Stimme, aus deinen Inhalten.« Im englischsprachigen Original ist von »faceprint« und »voiceprint« die Rede. »Bevor wir damit anfangen«, frage man jedoch nach dem Einverständnis, wenn dies gesetzlich nötig sei, fügte noch TikTok hinzu. In response to an initial inquiry from "TechCrunch" about the ba...
Read more

Microsoft Teams, Zoom, WebEx: Berlin authority warns against popular video systems

After an initial data protection audit, some video service providers have made improvements to their offerings. But the Berlin data protection commissioner still sees serious shortcomings. The State Commissioner for Data Protection in Berlin (Germany), Maja Smoltczyk, advises against using leading video conferencing systems such as Microsoft Teams, Skype, Zoom, Google Meet, GoToMeeting, Teamviewer and Cisco WebEx. The reason is a retest of various offerings. After a number of services had already failed a test of data protection requirements last year, a new test of the major providers did not reveal any substantial improvement. Smoltczyk said that she was pleased "that our comments had persuaded so many providers to improve their offerings, in some cases very significantly, in terms of data protection". There are now enough legally compliant services for a wide range of purposes that there is no reason to break data protection law for video conferencing. However, if a provid...
Read more