A few weeks ago, I started to receive weird SMS messages claiming to be from Nordea bank. It’s one of the big banks in Denmark. The text message instructed me to update the banking app. The thing is, I am not a Nordea customer and don’t have the Nordea app in the first place. 

In this article, I want to teach you how not to become a victim of these silly phishing attempts and how to use available internet resources to do your investigations to conclude if something fishy is going on.

We start with a phone number. Krak.dk, a Danish search service, finds a phone number belonging to the talk time card. But unfortunately, the Google search engine is silent. Telnyx number lookup service produces this result:

{ "data": { "country_code": "DK", "national_format": "55 21 36 37", "phone_number": "+4555213637", "fraud": null, "carrier": { "mobile_country_code": "238", "mobile_network_code": "02", "name": "Lebara Denmark ApS", "type": "fixed line or mobile", "error_code": null }, "caller_name": null, "nnid_override": null, "portability": null, "record_type": "number_lookup" } }

A quick checkup on Mobilepay indicates that a person never registered the number with a Mobilepay account. Therefore, it is most likely a throw-a-way SIM card.

So, without jumping into the contents of an actual message, I can already say that it is indeed a scam, a phish, you name it. Plus, banks would never communicate such information via SMS.

Now for actual message content, there was a link to the TinyUrl. It’s a service that shortens web links. I used the URL Scan page to submit the link for deeper inspection. You can see vital information, such as web page screenshots, without opening an actual connection.

A screenshot showed that TinyURL suspended the page as it violated their Terms of Service. It is an excellent indicator of malicious intent. With all the puzzle pieces in place, I can conclude that Nordea SMS was a silly phishing attempt. 

We have a number that leads to a burner SIM card and a link already removed by TinyUrl staff. Case closed.

As for common sense, remember that banks wouldn’t issue updates via SMS. Instead, all updates go through the APP store. Also, nobody would contact you and lead you to some weird web places. These are just a few tips to protect yourself and others from malicious people. I hope the article helps you. Thanks for reading, and stay safe.