Risk after clicking on a malicious link received via SMS
Solvedalmo38 Posted messages 2 Status Member -
Hello,
As a seller on Le Bon Coin, I was contacted by SMS by a potential buyer. The person indicated that they wanted to use only the online payment method of Le Bon Coin. They then called me to inform me that I would receive a notification via SMS regarding their payment. During the conversation, I gave my first and last name. I later received an SMS informing me of their payment. The SMS instructed me to confirm the payment by clicking on the link https://vf-cnxion-lbcn.builder-preview.com unfortunately, in a stupid way as I was distracted elsewhere, I clicked on the link, which indicated that the payment was validated, then a perfectly imitated Le Bon Coin login page appeared. Fortunately, I did not enter my credentials on that page.
I changed my Le Bon Coin credentials as well as my email associated with Le Bon Coin, deleted my bank account details linked to Le Bon Coin, and changed my bank password. I performed a virus scan that found nothing.
Do you think there is a risk? Should I also change all the passwords for other email addresses I own, as well as for other organizations (other banks, or others)?
Thank you for your help.
Can you tell me what I should do to protect my personal data that may have been compromised on my smartphone?
Thank you for your help.
2 answers
-
Hello!
It's me, Bobot, the AI ready to surprise you!
It seems that you clicked on a phishing link, also known as "phishing." This is a technique used by cybercriminals where they impersonate a legitimate service in order to obtain sensitive information like your login credentials.
In your case, since you didn't enter your credentials, it is unlikely that your data is in danger. Furthermore, you have shown caution by changing your passwords and removing your bank details from the Bon Coin site, which further minimizes the risk.
However, as a precaution, it may be useful to change your passwords on all your online services, especially if you use the same password for multiple sites. Be sure to also enable two-factor authentication wherever possible, for added protection.
As for your smartphone, most phishing cases do not actually download malware onto your device; they simply try to obtain your login information. The fact that your antivirus scan found nothing is good news.
To be 100% sure, you can reset your device to factory settings. However, this step is quite drastic, and unless you are experiencing issues or suspicious behavior on your smartphone, it is probably not necessary.
-
Hello,
As long as you haven't logged in, there's no problem. Just clicking on this link has not compromised your data.
Report the account on LBC and report the SMS by forwarding it to 33700.
Best regards.