Last night when I was on the bus, I received a message from 10086. The message is as follows:
Dear users; Your mobile phone points can be exchanged for a phone fee gift package worth 50 yuan. Please use your mobile phone to log in to the website; http://baid.us/pVdD Download, install, open and activate. The system automatically recharges successfully within 24 hours
First, let's analyze the vulnerability of this message (10086, but Pseudo base station I still know about the situation, and can impersonate any number to send any SMS to nearby users):
1. "Dear user", the formal 10086 starts with "Dear customer", details determine success or failure! How can a liar cheat me if he doesn't pay attention to this?
2. Punctuation marks are confused. There are no punctuation marks between sentences, and the punctuation marks are incorrect. How could the regular 10086 make such a low-level mistake?
3. Use a short URL. We all know that short URLs can hide real URLs, and we know that there must be something fishy (industry habit) in using short URLs. The official 10086 website must be the website of the mobile official website, and will never use a short website! Remember this, cheats can't do anything about it unless they hack the mobile website!
4. Logic is confused. What software should be installed to redeem points? Is there such a logical idea? The 50 yuan phone bill is not enough to make people impulsive to install software of unknown origin without thinking about the cause and effect.
After analyzing the short message, let's see what the short URL is for (never download and install it on your mobile phone). Open this short URL with your mobile phone, and you will be prompted to download the software: Please Do Not Uninstall.apk 370B! It must be malware or phishing. I know it is malware, but I still want to take a look! Transfer to micro cloud!
Download failed. Leave it alone! View the website. It starts with dl.dropboxusercontent.com. When you open this homepage, it is 404, so you will jump to the homepage of the whole station: https://www.dropbox.com , is a foreign online disk! How many times has Nima danced!
When you open this website on your computer, you will jump to a website for car mats, and then automatically jump to Tmall again! Is it promoted in disguised form? Very bad property!
Finally, I can conclude that even if it is a message sent from the operator's number, don't believe it! Be confident to analyze the loopholes, or call the customer service hotline (10086 or 10010, don't believe the message) to make plans after careful verification!
Pseudo base station science popularization:“ The "pseudo base station" device is a high-tech instrument currently used to implement telecommunication fraud. It is mainly composed of a host computer and a laptop computer. It can search for mobile card information centered on it within a certain radius, and arbitrarily use other people's mobile phone numbers to forcibly send short messages such as fraud, advertising and sales to users' mobile phones. When such a device is running, the user's mobile phone signal is forcibly connected to the device and cannot be connected to the public telecommunications network, which affects the normal use of mobile phone users.
The relevant person in charge of the Ministry of Public Security said that the use of "fake base station" equipment to commit crimes seriously endangers the national communication security and social public order. The public security organ reminded the masses to be vigilant when receiving short messages requesting transfer and remittance. Even if there is a demand for remittance, they should verify the relevant information with the other party by phone to prevent being cheated and finding fraud, Report to the local public security organ in time.
