Below is an SMS that pretends to be from a bank. It’s a scam, and here’s how you can tell:
- I don’t have an account with ANZ. So it’s obviously a scam.
- I didn’t request any accounts to be deactivated. They wouldn’t normally do this without you requesting it.
- If a bank really did deactivate my account they would send me a letter in the mail, on official letterhead, in a branded envelope. They wouldn’t use SMS or email.
- This is the most important clue: the URL at the end is from “is.gd” – this doesn’t sound like anz.com.au, it’s completely different.
So what is a “is.gd” domain?
Firstly, .gd is the top level domain of the country Grenada. Not something an Australian bank would use to communicate with their customer. But apart from Grenadian businesses it’s commonly used as a novelty domain because it sounds like “good”.
Next, “is.gd” is a URL shortening service. I’ve written about URL shorteners before. What you need to know is that it’s used to shorten (or hide) the real URL. So by looking at it you can’t know where the URL goes. You might be tempted to click on it to find out, but I wouldn’t recommend that. Clicking on untrusted URLs is one way to get malware.
So what about this is.gd domain that has the word ANZ at the end? There’s a safe way to find out what it points to – use a service called http://wheredoesthislinkgo.com. You put in the short (untrusted) URL and it expands it. So in this case, it expands to:
So not the ANZ bank’s website. We can stop here, we don’t need to click on the link. We already know it’s not really from the bank, they already lied in the original SMS so their motives are probably malicious.
What about the sender’s phone number? Can it be identified? No. SMS allows senders to change the “from” address or phone number. You need special software to do it but it’s not hard. So In this case the sender is “Message”, which is also suspicious. But really, anyone can put anything in the sender’s phone number. Just like with email.
Delete the SMS, no harm done at this point. And if you tell your friends and family about it (maybe show them the SMS before you delete it), you’ll be raising awareness of the scam. This is the best way to fight back, reduce the chance of others falling for it.
If you receive a similar SMS (with different wording) you can share it here in the comments.