We Don't Have All the Answers, But We DO Have Your Problems!
Oh, the cleverness of scammers. How can I scam thee? Let me count the ways… We recently heard from a woman who has been overwhelmed by scam “group texts.” They’ve been targeting her, along with as many as 19 other strangers whose phone numbers appear in the group. She asked us for advice on how to stop the onslaught. She told us that she never clicks on the links or responds, but inevitably others get mad at receiving them. Some people respond with "STOP" or respond with angry foul responses. Of course, since it's a "group text" she says, she gets those responses too!
Some of these texts are supposedly to sex sites, others not. She added “How I got included in these sex lists is beyond me and I do have to laugh at that, though it gets annoying! I think my adult son found it much funnier than I did!” Here are two recent examples she sent us. This first text, sent to 20 people, was actually delivered from a Hotmail email account called “dorotheanwilmethag6541.”
It turns out that “Cutt[.]us” appears to be a malicious shortening service of sorts and the website contains text in Arabic. Don’t be misled by the “.us” for United States! Cutt[.]us was registered in Saudi Arabia nearly a year ago. Anyone clicking that link will be hit with malware (See the report from Sucuri.net) AND arrive at a pornography website called mysecrethookup[.]com where you will AGAIN be hit with malware!
When we asked Google in Firefox to tell us about Cutt[.]us, we discovered that LOTS of people had searched Google to try to understand what these links were. (Do NOT use Chrome to search for a domain. Chrome will send you to the domain itself!) Google has a feature that will auto-populate text as you type, based on similar searches that other people have made in your geographical area. Look what Google showed us as we typed cutt[.]us...
Clearly, many other people were asking Google about this shortening service. We entered many of the links you see above in our online security tools and every time the tool came back saying that cutt[.]us was malicious and malware was lying in wait!
Here’s another example of a group text hitting the woman’s phone, along with 19 other people. The link this time came from someone’s Gmail account and pointed to a sex site called mydateupseex[.]site. But this oddball name seemed so peculiar that we ran a whois lookup for it. It turns out that it was registered in Bangladesh less than 3 weeks earlier, and we all know that this very likely means it is malicious!
By now, the poor woman bombarded with these texts was at her wit’s end and asked us what to do. In the past, she said, she had blocked each number individually. “That worked for a while, but they have mysteriously started up again. Regularly!” she said. But her “block list” has become quite large! The only thing we can recommend is to install a phone call blocker, like NoMoRobo, but those have had some problems in the past year by blocking legitimate calls too!
Our readers may recall that in late March, cybercriminals signed up one of Doug’s email accounts on multiple sex dating sites. In one month he received 836 email invitations (that he turned down). We feel your pain, and then some!
We were also recently contacted by a woman who asked us a question about her iPhone that had us completely stumped. Surprisingly, we discovered we had the exact same problem she described!
She writes...“I noticed recently that when I send an email [from my phone] and tap on the From line, my four gmail accounts appear. But now there is a fifth one listed that is not my account at all! It is LisandraGreg173@ my.minbox.email. I rang Apple Support and they said since I use gmail, I should contact Google. This I did, but then Google said that as I send/receive mail through the Apple portal, I needed to contact Apple. So confusing. I will contact both again today but wondered, in the meantime, if you might be able to shed any light on this?”
Though we didn’t have a definitive answer for her, we were shocked to discover that we had the same problem! We discovered that we had an email account from 2 other people installed on our phone!. Moreover, a Google search informed us this bizarre problem was described by MANY people on the Internet. Most of those who described the issue had an iPhone 6 and the solutions that were offered for the iPhone 6 no longer worked in the newer iPhones such as the iPhone 12. (The problem is that with the newer operating system, none of the suggested fixes made sense because the tools have changed.)
As best as we can tell, It appears that the woman may have inadvertently clicked on a malicious ad or visited a website that installed the email account into her phone in an effort to manipulate or misuse her phone. Perhaps. And this happened to us as well! We still don’t completely understand what’s going on!
Here are a couple of links talking about this issue:
But we did discover that this bizarre, and disturbing problem of finding someone else’s email account on our iPhone can be managed by logging directly into your iCloud account and clicking the “Contacts” list. It was in the Contacts list that we found the 2 unrecognized email addresses and were able to delete them. (We couldn’t resolve the issue any other way!) We didn’t put these email addresses onto our Contacts list and had no idea who they were! Like we said, we may not have all the answers to your questions, but sure have your problems!
If you have an Apple account and an iPhone, we recommend logging into your iCloud account, click your Contact List and delete anyone you don’t recognize on that list! And while you are there, be sure to turn on 2-factor authentication to better protect your account!
Daily Scam Home Page