Zelle users targeted with social engineering tricks

Cybercriminals have been leveraging social engineering techniques to impersonate the popular US-based digital payments network Zelle and steal money from unsuspecting victims, according to Avanan.

Zelle social engineering

The fake Zelle email (Source: Avanan)

The phishing email

The spoofed email is cleverly crafted to look as legitimate as possible: it contains the Zelle logo, grammatically correct text, and an authentic link to the firm’s web page at the bottom of the email, in the “security and privacy” footer. However, it also includes a malicious shortened link.

Users are instructed to click on the link to accept a pending money transfer. If they do it, they get redirected to a lookalike Zelle page designed to gain users’ trust. Instead of getting money, they may end up sending money to the hackers.

Spotting fake emails

What distinguishes this malicious email from legitimate ones is the sender’s email address (contact@exgloimportexport.com), which is obviously not related to Zelle. But many users don’t check the sender’s email address and may fall for the scam.

Users should always be careful when perusing unsolicited emails, and always verify the sender’s email address. If the email is not from a company’s domain, it’s probably a scam.

“The only domain extension used by Zelle is @Zellepay.com. Zelle does not use <@gmail.com> or any other domain such as <@aol.com>, <@yahoo.com>, or any other common email domain,” the firm explains.

To make sure the domain is legitimate, users should inspect the domain at the end of the email string. If it belongs to Zelle or the user’s bank, it should show @Zellepay.com or @YourBank.com. Users should be on the lookout for misspellings, too.

It is also essential to check URLs before clicking on them. Shortened links can be unshortened via free online tools like Unshorten.it, and then the reputation of the longer links checked via tools like VirusTotal.

Don't miss