If you have encountered the URL below online or on your mobile device via SMS, note that the information you would hand over to get the so-called discount is far more valuable than the $20 savings this campaign promises.
According to a WHOIS database, this domain was registered seven days ago and is hosted at Orange Website, a European Web hosting provider.
Reddit user Menpachi has shared the photo below to give other Redditors (and us) a glimpse of what the scam, in SMS form, may look like:
Congratulations Get a discount of 20$ on your next bill Enter the link to claim your discount www[DOT]t-mobile-promos[DOT]com Paul Parker Promotions manager
Once users click the link, a browser opens to the phishing site below:
This page asks for the user’s T-Mobile number and password, credentials that are needed to access a My T-Mobile account.
Clicking the Login button once information is provided loads a new page that asks for the last four digits of the user’s SSN and their PIN.
The gathered information is saved in separate PHP pages within the domain.
Clicking the Complete button leads to the splash page below before finally redirecting users to the official T-Mobile website:
Thank you trusting T-Mobile your bonus is submitted
According to T-Mobile’s Privacy & Security Resource page:
Like T-Mobile, most reputable companies will not send you e-mails or otherwise contact you requesting sensitive personal information. Be aware of the policies and practices of the other companies you deal with and always be suspicious of unsolicited requests for such information. As phishing attempts will likely continue to evolve, it is important to always think twice before you provide any personal information in response to e-mails.
Subscribers should keep this particular section in mind, as it makes it easier to tell fake offers and sites from the real ones. In this case, t-mobile-promos[DOT]com is definitely a scam. It’s best to avoid visiting the URL or sharing it with others.
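The two signals described above, a brand name inside a domain that is not the carrier's own and a registration only days old, can be checked mechanically. The sketch below is an added example, not code from the original post: the official domain, the brand spellings, the 30-day threshold and the WHOIS dates are assumptions or constructed values, and the check also covers the brand appearing only in a subdomain.

```python
import re
from datetime import date

# Assumptions (not from the article): the carrier's real registrable domain,
# the brand spellings to look for, and the "newly registered" threshold.
OFFICIAL_DOMAINS = {"t-mobile.com"}
BRAND_TOKENS = ("t-mobile", "tmobile")
MAX_AGE_DAYS = 30

DEFANGED_DOT = re.compile(r"\[\s*(?:dot|\.)\s*\]|\(\s*(?:dot|\.)\s*\)", re.I)
HOSTNAME = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}\b", re.I)


def refang(text):
    """Turn www[DOT]example[DOT]com back into www.example.com."""
    return DEFANGED_DOT.sub(".", text)


def registrable_domain(host):
    """Naive last-two-labels split; a production tool would use the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])


def triage_sms(text, whois_created, today):
    """Return one finding per suspicious hostname in an SMS body.

    whois_created maps registrable domain -> creation date, looked up
    beforehand (constructed here so the example runs offline).
    """
    findings = []
    for host in HOSTNAME.findall(refang(text)):
        host = host.lower()
        domain = registrable_domain(host)
        if domain in OFFICIAL_DOMAINS:
            continue
        reasons = []
        if any(token in host for token in BRAND_TOKENS):
            reasons.append("brand name in non-official domain")
        created = whois_created.get(domain)
        if created is not None and (today - created).days <= MAX_AGE_DAYS:
            reasons.append("registered %d days ago" % (today - created).days)
        if reasons:
            findings.append({"host": host, "domain": domain, "reasons": reasons})
    return findings


# The SMS text quoted in the article; the dates are constructed to match "seven days ago".
SMS = ("Congratulations Get a discount of 20$ on your next bill Enter the link "
       "to claim your discount www[DOT]t-mobile-promos[DOT]com Paul Parker Promotions manager")
WHOIS = {"t-mobile-promos.com": date(2020, 1, 1)}
RESULT = triage_sms(SMS, WHOIS, today=date(2020, 1, 8))
```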
T-Mobile encourages victims of SMiShing scams to report them on the official page of the Federal Trade Commission (FTC) and to visit its Identity Theft page to learn what steps to take to minimize the damage from such fraud campaigns.