2 min read

Do You Use Monzo or Revolut? Watch Out For This Scam.

Radu CRAHMALIUC

February 21, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Do You Use Monzo or Revolut? Watch Out For This Scam.

Online banking is a dream come true. No trips to the bank, no bureaucracy, and instant access to your money 24/7 from anywhere in the world.

It should come as no surprise that more and more people are migrating to 100% online financial services like Monzo or Revolut. According to estimates, over 5 million customers in the UK have joined the Monzo banking platform since its launch in 2015, and payment platform Revolut boasts 15 million users worldwide.

However, instant access to all your savings from a mobile phone comes with risks, as hackers have specialized in mobile threats in recent years and thrive on people’s lack of focus when they’re on the phone.

Phishing example shown by Monzo on Twitter 

According to a report by security researcher William Thomas, cited by BleepingComputer, cybercriminals are actively targeting Monzo and Revolut users right now, trying to gain access to their accounts via SMS text messages that link to fake landing pages impersonating the real deal.

The scam mechanism is simple:

  1. Users get a text message, allegedly from Monzo, prompting them to click a link to confirm their account, acknowledge a new login or validate a replacement card.
  2. Clicking the link lands the user on a phishing page made to look authentic and they are prompted for personal information like their email credentials, full name, phone number and Monzo PIN number. Criminals might deploy additional social engineering techniques and stealing bots to acquire information.
  3. Having stolen the victim’s email and Monzo credentials, criminals generate a golden link and activate the service on their own mobile device, gaining unlimited access to all the money in the account.
Phishing pages published by William Thomas on his blog

While investigating the domains used for the fake Monzo landing pages, Thomas also found similar domains used for Revolut scams, which means a similar attack mechanism is used against Revolut users and possibly other digital bank customers.

So here is what you should do to keep your money and your accounts safe:

  • Be wary of any messages urging you to take hasty action.
  • Don’t click on links in messages, even if the message seems to come from a trusted source.
  • Don’t log in using links in messages.
  • Always closely inspect links you get via messages, instant messages or emails -- scam links are most often made to resemble legitimate URLs.
  • Watch out for spelling mistakes or grammar mistakes that could indicate the message is a scam.
  • Don’t give away your credentials to anyone, even law enforcement or bank staff. No one has the right to ask for your credentials.
  • Consider running a security solution on your phone. Bitdefender Mobile Security for both Android and IOS can offer you an extra layer of protection by automatically detecting link-based mobile scams and alerting against incoming threats.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits
Silviu STAHIE

January 31, 2023

1 min read
Hackers steal 10 million customer details from JD Sports Hackers steal 10 million customer details from JD Sports
Graham CLULEY

January 30, 2023

2 min read
North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022 North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022
Silviu STAHIE

January 25, 2023

1 min read