Advertisement
Tech

Pokémon Go texting scammers are trying to hack you

Several sites are also attempting to phish user credentials.

Photo of Dell Cameron

Dell Cameron

Article Lead Image
Photo via Kris Arnold / Flickr Remix by Max Fleishman

There’s been no shortage of Pokémon Go related spam since the app sensation launched last month. And much of it, security researchers warn, may be malicious.

Featured Video

According to AdapativeMobile, a leading mobile security company in Ireland, thousands of potential Pokémon Go players in North America were recently targeted by an SMS campaign pushing a malicious web address. The link reportedly led to a “sophisticated phishing site,” which mimicked the real Pokémon Go homepage.

The website, Pokemonpromo.xxx, is no longer active, the firm said.

Phishing scams work by tricking people into handing over sensitive information, like usersnames and passwords or credit card and bank credentials, by using techniques that targets might think are credible.

Advertisement

Another campaign tracked by AdapativeMobile targeting users via SMS offered thousands of Pokecoins, in-game currency, in exchange for “points.” Users are reportedly prompted to share links “with five of their friends.” The same links have also appeared on social media.

"Gotta Spam ‘em All" -

“Gotta Spam ‘em All” –

AdaptiveMobile

One site, called “Pokemon Generator,” apparently tries to phish user credentials by telling them login so Pokecoins can be added to their accounts.

AdapativeMobile is warning users to be cautious when visiting any site containing Pokémon Go content. Users should be particularly wary, the firm says, of unsolicited SMS messages, “particularly if the message contains a URL as this may lead to a phishing website or a site containing malware.”

Advertisement

H/T ThreatPost

 
The Daily Dot