In case you have encountered the below URL online or on your mobile device via SMS, do note that the information you might be imparting to avail of the so-called discount is far more valuable than the $20 savings this campaign promises.
According to a WHOIS database, this domain is registered seven days ago and hosted at Orange Website, a European Web hosting provider.
Reddit user Menpachi has shared the photo below to give other Redditors (and us) a glimpse of what the scam, in SMS form, may look like:
CongratulationsOnce users click the link, a browser opens to the phishing site below:
Get a discount of 20$ on your next bill
Enter the link to claim your discount
Clicking the Login button once information is provided reloads a new page, asking for the last four digits of the user's SSN and their PIN.
Clicking the Complete button leads to the splash page below before finally redirecting users to the official T-Mobile website:
Thank you trusting T-Mobile your bonus is submittedAccording to T-Mobile's Privacy & Security Resource page:
Like T-Mobile, most reputable companies will not send you e-mails or otherwise contact you requesting sensitive personal information. Be aware of the policies and practices of the other companies you deal with and always be suspicious of unsolicited requests for such information. As phishing attempts will likely continue to evolve, it is important to always think twice before you provide any personal information in response to e-mails.Subscribers should remember this particular section so it would be easier to determine the fake offers and/or sites from the real ones. In this case, t-mobile-promos[DOT]com is definitely a scam. It's best to avoid visiting and sharing the URL with others.
T-Mobile encourages victims of SMiShing scams to report to the official page of the Federal Trade Commission (FTC) and visit their Identity Theft page to learn what steps to take in minimizing damages from such fraud campaigns.