State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

Verizon Wireless Impersonation Scams

Garden State Cyber Threat Highlight

Original Release Date: 12/28/2023

Summary

Over the past month, threat actors increased efforts to target Verizon Wireless cellphone subscribers with social engineering tactics, impersonating Verizon Wireless technical support and fraud agents using spoofed Verizon Wireless phone numbers and SMS text messages. For example, threat actors contact the target and claim that the account has been compromised with attempts to purchase phones. Since the account is supposedly on hold due to the account compromise and failed autopayment, they try to convince the target to make a payment through Zelle that, if paid, results in stolen personal information and funds.

In another campaign, the threat actors informed the target that someone had tried to purchase thousands of dollars worth of Verizon merchandise. They advised them to change their password, which gave the threat actors access to the account, including bank account information for autopay. They also claimed they must migrate the account to another platform and issue a charge. Once the target became suspicious, the threat actors threatened to lock their phones. They were successful; however, the real Verizon Wireless was able to reactivate the phones. In a similar campaign, threat actors claimed the target’s account was locked for security purposes and sent the target a temporary password. They further claim they must migrate the phone service to a new platform and that the account is suspended. The target was requested to resubmit two Zelle payments from their bank account to reinstate it, and the threat actors would transfer it immediately into the target’s account.

Threat actors may also claim there is suspicious activity on the account and that someone is trying to add two phone lines to the account. The threat actors advise the target that they need to transfer the phone lines to another platform and assign a new account number, and the target needs to make a payment in the exact amount of the last Verizon Wireless payment, which would be transferred back to the account. Additionally, they claim Verizon Wireless has a new policy of not utilizing or sharing bank or credit card information, instead advising the target to submit payment through Zelle.

In a separate campaign, threat actors notified the target that the account was flagged for suspicious activity as several iPhones were purchased and shipped to multiple addresses, including the home address on file. The threat actors confirmed the addresses and asked if the target made these purchases, who replied no. They claimed they could not stop the shipment because it had already left the warehouse, and the target would be charged for the phones unless returned. The target further replied no and requested to reroute the one package to the home address. The target then received an SMS text message with an authorization code, which was shared with the threat actors.

The NJCCIC assesses with high confidence that threat actors will continue to use social engineering tactics to gain unauthorized access to accounts and commit further malicious activity. The prevalence of data exposed via breaches and information publicly available online highlights the importance of staying vigilant to help prevent successful social engineering attempts, account compromises, identity theft, and fraudulent activity. 

Recommendations

The NJCCIC recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. It is highly advised that users refrain from responding to unsolicited communications, clicking links, and opening attachments from unknown senders and exercise caution with communications from known senders. If you are unsure of the legitimacy, contact the sender via a separate means of communication – such as by telephone – obtained from trusted sources before taking any action. If correspondence contains requests for account changes or is otherwise suspicious, contact the wireless carrier directly before providing sensitive information or funds. Additionally, check accounts regularly, ensure multi-factor authentication (MFA) is enabled on accounts, and treat Zelle and other peer-to-peer payment apps like cash payments, sending money to only people you know and trust. Report suspicious activity to the respective wireless carrier immediately and the FTC, FBI’s IC3, and the NJCCIC to limit proliferation.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.