T-Mobile employees being targeted by new phishing attack

A few days ago, there were reports of Verizon’s database being held hostage by a hacker. Now, it looks like T-Mobile is being targeted by an aggressive phishing scam. 

To be more specific, the attack is targeting T-Mo employees. As reported by The T-Mo Report, employees shared that they are receiving texts with fake messages and login pages. The fake message reads:

“UNDesktop login is being deactivated.” 

They are then recommended to visit a website so they can verify their credentials and maintain their login.  

According to the report, the domain in the fake website is now non-functional. The attacks started on the same day the website was registered on May 30th in Iceland. Even though this particular domain is no longer functioning, the attackers continue to switch up domains. Some victims said that they have seen at least three of these domains. 

UNDesktop is an internal tool that T-Mo employees use to gain desktop applications. Victims who have entered their credentials into the fake domains are at serious risk. Though right now, there is no information available if there have been logins compromised by the attack. 

Some T-Mo employees have also started to receive over 10 phishing phone call attempts too.

T-Mobile has already been made aware of the internal attack. Hopefully, they are able to remedy the issue before customer information falls into the hands of these scammers. Right now, there have not been any customer claims that their information has been breached. 

We’ll continue to keep an eye on things.

Source: The T-Mo Report