Mobile Menace Monday: SMS phishing attacks target the job market

Mobile Menace Monday: SMS phishing attacks target the job market

Recently, a co-worker received an enticing SMS message from ASPXPPZUPS Human Resources. It read:

Tired of your old job? Join our team today, work from home and earn $6,200 per month:  

Could it be that our dream job awaits via random text message? On the contrary, this SMS phishing attack could cause nightmares for unsuspecting job hunters.

Don’t quit your day job

In order to investigate this phish further, the first step is browsing to this so-called career-changing website mentioned in the message.

Amazon!? Awesome! Let’s review this exciting position of Prime Agent. Great base salary plus commission! Full healthcare and minimal working hours! Brand new car!? All for a couple of easy job responsibilities you can do from home—Apply now!

Okay, seriously though, if the brand-new car bit doesn’t tip people off this is a ruse, I don’t know what will.

Gathering information

Knowing this is a ruse, let’s proceed forward by clicking Apply now regardless.

This is where I’m a little disappointed in the scammers. This could be an opportunity to gather a person’s full resume, with history of work, education, where they live, and a plethora of other information. Instead, they only ask for name, email, and phone number. Lazy. Still, this is enough to send spam emails and even more SMS phishing attacks.

Adding fake information and turning on a network sniffer, I submitted the information.

As a result, the network capture shows the information going to a amz-jobs-careers./apply.php. After hitting Submit Details, it redirects to to make things look legitimate.

Job hunters beware

Many studies have shown that in America, many people are unhappy with their current jobs. For example, the Conference Board conducted a 2018 

To aid in the battle against SMS phishing attacks, our premium version of Malwarebytes for Android alerts users of dangerous links in SMS messages. Furthermore, our it also scans phishing URLs when using the Chrome browser, once again alerting on detection.

In case anyone was wondering, I’m fortunate to be in the 51 percent of people happy with their jobs—mainly because I get to protect readers like you! Stay safe out there!


Nathan Collier

Full time mobile malware researcher, part time endurance athlete and world traveler. As nerdy about traveling as he is about mobile malware.