Recently, a co-worker received an enticing SMS message from ASPXPPZUPS Human Resources. It read:

Tired of your old job? Join our team today, work from home and earn $6,200 per month: hire-me-zvcbrvpffy.<hidden>.com.  
Could it be that our dream job awaits via random text message? On the contrary, this SMS phishing attack could cause nightmares for unsuspecting job hunters.

Don’t quit your day job

In order to investigate this phish further, the first step is browsing to this so-called career-changing website mentioned in the message.

[gallery type="slideshow" size="medium" ids="25598,25599"]

Amazon!? Awesome! Let’s review this exciting position of Prime Agent. Great base salary plus commission! Full healthcare and minimal working hours! Brand new car!? All for a couple of easy job responsibilities you can do from home—Apply now!

Okay, seriously though, if the brand-new car bit doesn’t tip people off this is a ruse, I don’t know what will.

Gathering information

Knowing this is a ruse, let's proceed forward by clicking Apply now regardless.

[gallery type="slideshow" size="medium" ids="25600,25601"]

This is where I’m a little disappointed in the scammers. This could be an opportunity to gather a person’s full resume, with history of work, education, where they live, and a plethora of other information. Instead, they only ask for name, email, and phone number. Lazy. Still, this is enough to send spam emails and even more SMS phishing attacks.

Adding fake information and turning on a network sniffer, I submitted the information.

As a result, the network capture shows the information going to a amz-jobs-careers.<hidden>/apply.php. After hitting Submit Details, it redirects to to make things look legitimate.

Job hunters beware

Many studies have shown that in America, many people are unhappy with their current jobs. For example, the Conference Board conducted a 2018 study reporting that 51 percent of people are satisfied with their jobs, thus leaving 49 percent unhappy. In addition, it's a job-rich economy right now, which means it's a great time to be looking if you aren't happy in your current situation. It’s no wonder scammers are targeting job hunters. For those in the 49 percent, best to stick with more trustworthy methods than through SMS phishing messages.

To aid in the battle against SMS phishing attacks, our premium version of Malwarebytes for Android alerts users of dangerous links in SMS messages. Furthermore, our it also scans phishing URLs when using the Chrome browser, once again alerting on detection.

In case anyone was wondering, I'm fortunate to be in the 51 percent of people happy with their jobs—mainly because I get to protect readers like you! Stay safe out there!