The ongoing phishing campaign has been reported to target citizens through fraudulent SMS messages, with perpetrators masquerading as the HEP (Electric Power Company). This campaign aims to steal personal data—such as names, phone numbers, and bank card information—as well as money from unsuspecting individuals.
The deceptive messages typically state that the recipient has an outstanding account balance or a failed payment that must be rectified immediately to avoid service interruption. Common phrases used include "Your last account is unpaid…" or "Your last factory payment failed…" This tactic is designed to instill urgency and pressure the recipient into taking quick action.
In these messages, there is often a link that directs individuals to a malicious website that is crafted to resemble the official HEP web address. This resemblance adds to the deception, making it difficult for recipients to identify the threat at a glance.
Indicators of the phishing attempt in these messages include:
- False Representation: The sender falsely claims to be HEP.
- Legitimate-seeming Requests: The message appears legitimate, requesting correction of an alleged payment error.
- Evoking Strong Emotions: It employs fear tactics, suggesting that the electricity will be turned off if the issue isn’t resolved quickly.
- Sense of Urgency: It emphasizes a limited timeframe for response, such as a 24-hour window.
- Malicious Link: The provided URL, despite its similarities to HEP’s official site, is designed to steal personal data.
When individuals click on the phishing link, they are welcomed by a misleading message about unpaid accounts, along with a request for personal and bank card information.
If you have entered your details on this phishing site, it is critical to take immediate precautions, including:
- Contacting your bank to secure your account and mitigate any potential damage.
- Reporting the incident to the police, especially if any funds have been stolen.
- Staying vigilant regarding unforeseen messages and phone calls you may receive, as the attackers may now have your personal information—such as your first name, last name, and phone number.
To enhance your online safety, it’s essential to exercise caution and follow best practices for internet security. Always verify the authenticity of any requests for personal information, especially when they provoke strong emotional responses or create pressure to act quickly. If you receive suspicious messages, do not click any links and report them to the relevant authorities. Be proactive in safeguarding your information to protect yourself from falling victim to similar scams in the future.
In summary, citizens are urged to stay alert for ongoing phishing scams via SMS that impersonate HEP. These scams leverage urgency and panic to encourage victims to divulge sensitive information unwittingly. If you suspect you’ve been targeted, take steps to secure your accounts and report the incident to appropriate authorities.