Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: "Carlos E. R." Newsgroups: comp.mobile.android Subject: SMS spoofing Date: Thu, 18 Jun 2026 10:01:58 +0200 Lines: 29 Message-ID: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Trace: individual.net skgcAfImskQZhKuDbIGmHAiszW7yvB4tv8y6WF1woHKlzUr9nb Cancel-Lock: sha1:tu+nTJiuO7qHzKmQTd0PTjQSb9A= sha256:k9Es+ZNrspNYIUhRkHD0o1FEJJ8rSNb3XNx++uxRnMk= User-Agent: Mozilla Thunderbird Content-Language: en-GB Xref: csiph.com comp.mobile.android:154209 Yesterday I received an SMS from my home insurance company saying that they had registered my claim, go and see it at this link. The URL seems the real one, at least visually. But I had not put any claim, and the site asked for my login/pass. I suspected. Today I entered the insurance site from my records. No claims listed. I saw a chat (computer trouble) and I asked. They said it is probably phising, delete it. Phone the insurance to ask if I have some pending claim if in doubt. So, the thing is they impersonated the sender. I don't know what is wrong in the URL. I have the suspicion that RCS, as it works with certificates, could avoid or signal these troubles. If you a curious, this is the SMS: «Se ha dado de alta su siniestro 01202600362123, si lo desea realice su seguimiento en https://oau.ocaso.es/qmVki-fOZ» www.ocaso.es is the real, actual URL. -- Cheers, Carlos E.R. ES🇪🇸, EU🇪🇺;