It’s always a scam. Even if you aren’t sure, NEVER click the link. You can always check via official websites (for scam messages involving bank accounts, Itsme, government, etc.).
Scam
I don’t even have “it’s me” and I get these frequently
A good way is to check the URL – the part behind HTTPS://
In this case it’s “its-bevestiging.com”
Googling for “itsme” shows you that the official site is “itsme.be”
So yes, this is 100% scam.
Also when the phone number of the person is a full phone number, it oftentimes is a scam
Itsme should *always* be .be and not .com. That’s your first clue.
Never open unexpected links you get in messages apps ever. There is no reason. Instead go to the official site of whatever the message claims to be by manually typing the official website in your browser. Try to log in there and see it you have any pending actions.
To be clear: the official website is not the same as the link given in the message. Disregard the url in the message. Use google to find the official website of (in this case) itsme.
Send it to safe-on-web, they will follow it up and take the website down.
– The real service would know and use your name
– As pointed out by others: the URL is dodgy
– The real service would always tell you to go to their page and select “Security”, “Account”, or whatever
– A typo (rasion instead of raison). Granted, they are getting better at it
I submitted an abuse report with the company that hosts their server (DigitalOcean). If they take it down quickly, that should slightly annoy the criminals 🙂
I got shitloads of itsme spam in my mailbox…its insane, cant stop it. I just sort by name and shift+delete.
If anyone has to ask this … We urgently need a cybersecurity campaign.
100% fake. Itsme also regularly advertises it never contacts you via txt or e-mail to reactivate.
No service **should** ever text you to change passwords, reconfirm, …
All services **should** send an official letter, that is **verifiable** by calling them on their official support lines (independently).
They **should** always host these things on their own servers, own domain name, their certificate/credentials.
If they don’t, you **should** get another provider for said service.
If all else fails, reconfirm all messages by calling the support numbers listed on **official** sites. Always look them up, **never** call numbers given in emails, *or even letters*.
Following these small set guidelines, only very intricate man-in-the-middle attacks could possibly still point you to scammers (afaik), in which case, the best guideline is to never trust anybody on the phone, and force them to verify themselves. The harder it is to social engineer you, the better, most scammers **hate** spending a lot of time on target acquisition, while an actual helpdesk employee will do everything for you (but don’t pester them, you know, they’re only trying to do their job).
EBox and Doccle etc. are your friends. Even when they are sometimes just vehicles to give you PDF’s that link to actual gov-sites.
a random text message or email is almost always a scam. Remember this rule and you won’t get scammed.
Wat doet je twijfelen naar de echtheid ervan?
You think?
Ik heb die teruggestuurd met “paljas”.
Als je een verdacht bericht krijgt en het is een gewoon nummer is dit 100% scam. Zelfde bij mail als je twijfels hebt kan even naar het mail adres kijken al veel helpen. Zelfde over die koppeling it’s-bevestiging… zou logischerwijs eerder itsme/vestigingen zijn. Maar duim op, voor jou, bij twijfels iemand anders vragen.
Block the sender and delete the message.
Scam! I’ve gotten like three of these three last week
good site to check on is virustotal.com
2 phishing flags
Yep Scam,
They alsio have different ones via mail…
“Verleng uw toegang tot ltsme voor uw apparaat”
Given that this subreddit still gets these stupid questions regarding scam or not scam, I could only imagine how many people actually fall for these. I don’t even bother with SMSes anymore that come from an unrecognised number and that isnt an 8*** number. If they really want to get a hold of me, they know where I am
How can people still doubt this kind of stuff?!?
4 indicators it’s a scam:
* Typo in the French version.
* Comes from unofficial channel (you have an itsme app to do that).
* the link doesn’t go to itsme, they’re not even trying to hide it.
* They say you have to do it TODAY.
how can it be a scam??? VRT NWS said it’s always safe if it’s https! /s
Itsme will NEVER text you, unless u’re setting up itsme for the first time.
But that url is already obvious its fake.
Scam and not even a smart one.
Just look at the phone number.
It’s just a regular Belgian cellular number, not one of those 4 digits automatic system.
And the url doesn’t even looks like itsme.
Anyway, in doubt, just open yourself your app and check if there is a message.
Never click on a link that you don’t expect !
Ofcourse it’s a scam come on
Good that you are suspicious, always be suspicious.
Spelling mistakes, dus it’s a scam
I had the text and received an email. It’s a normal phonenumber and a wrong email adres. It’s fake.
Never click links like this – always open the app itself. If there is an issue (e.g. update or security issue or whatever), you WILL get a notification in the app itself.
LOL
And it still works! Even after 15+ years
Easiest way to not get scammed is to just go to google, and log in through the official website.
If there actually is a problem they’ll warn you upon logging in, if there wasn’t an issue, you evaded a scam.
This sub literally gets a post like this every couple of weeks. I’m sorry to say but you’re dumb for even doubting this.
I don’t see how people still don’t recognise all the red flags instantly.
* Why would Itsme ever text you?
* Why would their communication be bilingual?
* Why would they use its-bevestiging.com?
48 comments
Yes, it’s a scam.
Yup, scam. Got it too yesterday.
It’s always a scam. Even if you aren’t sure, NEVER click the link. You can always check via official websites (for scam messages involving bank accounts, Itsme, government, etc.).
Scam
I don’t even have “it’s me” and I get these frequently
A good way is to check the URL – the part behind HTTPS://
In this case it’s “its-bevestiging.com”
Googling for “itsme” shows you that the official site is “itsme.be”
So yes, this is 100% scam.
Also when the phone number of the person is a full phone number, it oftentimes is a scam
Itsme should *always* be .be and not .com. That’s your first clue.
Definitely scam
verdacht@safeonweb.be hou should send this at this email
Never open unexpected links you get in messages apps ever. There is no reason. Instead go to the official site of whatever the message claims to be by manually typing the official website in your browser. Try to log in there and see it you have any pending actions.
To be clear: the official website is not the same as the link given in the message. Disregard the url in the message. Use google to find the official website of (in this case) itsme.
Send it to safe-on-web, they will follow it up and take the website down.
https://safeonweb.be/nl/wat-verdachtsafeonwebbe
Typo in french : scam.
– The real service would know and use your name
– As pointed out by others: the URL is dodgy
– The real service would always tell you to go to their page and select “Security”, “Account”, or whatever
– A typo (rasion instead of raison). Granted, they are getting better at it
I submitted an abuse report with the company that hosts their server (DigitalOcean). If they take it down quickly, that should slightly annoy the criminals 🙂
I got shitloads of itsme spam in my mailbox…its insane, cant stop it. I just sort by name and shift+delete.
If anyone has to ask this … We urgently need a cybersecurity campaign.
100% fake. Itsme also regularly advertises it never contacts you via txt or e-mail to reactivate.
https://www.itsme.be/blog/louche
Yes scam
Lol, .com, sounds legit…
Yes, phishing.
The poor French version with the typo (rasion for raison) is another clue.
Never ever trust user- or customer service through text messages. Even e-mail can be sketchy. Always initiate contact yourself, that way you’re sure.
Never ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever ever follow links in unsolicited texts.
No service **should** ever text you to change passwords, reconfirm, …
All services **should** send an official letter, that is **verifiable** by calling them on their official support lines (independently).
They **should** always host these things on their own servers, own domain name, their certificate/credentials.
If they don’t, you **should** get another provider for said service.
If all else fails, reconfirm all messages by calling the support numbers listed on **official** sites. Always look them up, **never** call numbers given in emails, *or even letters*.
Following these small set guidelines, only very intricate man-in-the-middle attacks could possibly still point you to scammers (afaik), in which case, the best guideline is to never trust anybody on the phone, and force them to verify themselves. The harder it is to social engineer you, the better, most scammers **hate** spending a lot of time on target acquisition, while an actual helpdesk employee will do everything for you (but don’t pester them, you know, they’re only trying to do their job).
EBox and Doccle etc. are your friends. Even when they are sometimes just vehicles to give you PDF’s that link to actual gov-sites.
a random text message or email is almost always a scam. Remember this rule and you won’t get scammed.
Wat doet je twijfelen naar de echtheid ervan?
You think?
Ik heb die teruggestuurd met “paljas”.
Als je een verdacht bericht krijgt en het is een gewoon nummer is dit 100% scam. Zelfde bij mail als je twijfels hebt kan even naar het mail adres kijken al veel helpen. Zelfde over die koppeling it’s-bevestiging… zou logischerwijs eerder itsme/vestigingen zijn. Maar duim op, voor jou, bij twijfels iemand anders vragen.
Block the sender and delete the message.
Scam! I’ve gotten like three of these three last week
good site to check on is virustotal.com
2 phishing flags
Yep Scam,
They alsio have different ones via mail…
“Verleng uw toegang tot ltsme voor uw apparaat”
Given that this subreddit still gets these stupid questions regarding scam or not scam, I could only imagine how many people actually fall for these. I don’t even bother with SMSes anymore that come from an unrecognised number and that isnt an 8*** number. If they really want to get a hold of me, they know where I am
How can people still doubt this kind of stuff?!?
4 indicators it’s a scam:
* Typo in the French version.
* Comes from unofficial channel (you have an itsme app to do that).
* the link doesn’t go to itsme, they’re not even trying to hide it.
* They say you have to do it TODAY.
how can it be a scam??? VRT NWS said it’s always safe if it’s https! /s
Itsme will NEVER text you, unless u’re setting up itsme for the first time.
But that url is already obvious its fake.
Scam and not even a smart one.
Just look at the phone number.
It’s just a regular Belgian cellular number, not one of those 4 digits automatic system.
And the url doesn’t even looks like itsme.
Anyway, in doubt, just open yourself your app and check if there is a message.
Never click on a link that you don’t expect !
Ofcourse it’s a scam come on
Good that you are suspicious, always be suspicious.
Spelling mistakes, dus it’s a scam
I had the text and received an email. It’s a normal phonenumber and a wrong email adres. It’s fake.
Never click links like this – always open the app itself. If there is an issue (e.g. update or security issue or whatever), you WILL get a notification in the app itself.
LOL
And it still works! Even after 15+ years
Easiest way to not get scammed is to just go to google, and log in through the official website.
If there actually is a problem they’ll warn you upon logging in, if there wasn’t an issue, you evaded a scam.
This sub literally gets a post like this every couple of weeks. I’m sorry to say but you’re dumb for even doubting this.
I don’t see how people still don’t recognise all the red flags instantly.
* Why would Itsme ever text you?
* Why would their communication be bilingual?
* Why would they use its-bevestiging.com?
Always a scam.