Western Union Phishing – Fake “Receive Money” Scam
This phishing campaign impersonates Western Union, a legitimate money transfer service. The scam is presented in two steps:
A fake “tracking” page claiming money is ready to be received
A payment page designed to harvest credit card details
How it works:
The victim likely receives an email, SMS, or social media message claiming someone has sent them money via Western Union. The message includes a link to the first phishing page.
Step 1 – The Fake Tracking Page (First Screenshot)
This page displays:
A tracking number: 14773881745
An amount: 30000 Rs (30,000 rupees, approximately $360 USD)
A “Receive Money” button
The page mimics Western Union’s branding and claims the victim can “receive money your way all world.” To claim the funds, the victim is instructed to click “Receive Money.”
Step 2 – The Credit Card Harvesting Page (Second Screenshot)
After clicking “Receive Money,” the victim is taken to this page, which asks for:
Card Number
Card Holder name
Expiry Date
Option to “Save this card”
The page falsely claims to be secure (“protected by ssl (https) and pci das standards”) to lower suspicion.
The goal:
The attacker aims to steal full credit card details. There is no money waiting to be received—the entire “tracking” page is fabricated. If the victim enters their card information, the attacker can make unauthorized purchases, withdraw funds, or sell the card details.
Red flags to watch for:
No login required: Legitimate Western Union money transfers require the recipient to provide tracking information (MTCN) and identification—not credit card details—to receive money. You never need to enter a credit card to receive funds.
Fake tracking number: The tracking number format does not match Western Union’s standard MTCN (Money Transfer Control Number) format.
Currency mismatch: The page mixes English with “Rs” (rupees), which may indicate targeting of specific regions but lacks professional localization.
Unnecessary card request: Receiving money through Western Union never requires the recipient’s credit card information. This is the clearest red flag.
Generic security claims: The second page claims PCI compliance but provides no verifiable security details (e.g., no padlock icon, no recognizable payment processor branding like Stripe or Braintree).
Suspicious URL: Both pages are hosted on domains that are not westernunion.com.
What to do if you encounter this:
Do not click “Receive Money” or enter any credit card details.
If someone has actually sent you money via Western Union, go directly to westernunion.com or use the official app. You will need the MTCN (tracking number) and valid identification—never a credit card.
Report the phishing page to Western Union’s fraud team at [email protected].
Why this scam is effective:
The promise of receiving a large sum of money (30,000 Rs) creates excitement and urgency, overriding critical thinking. Victims may believe they need to “verify” their identity or “activate” the transfer with a credit card. Scammers often pose as a “buyer” on classified ad sites (e.g., Facebook Marketplace, OLX) claiming they’ve sent payment via Western Union and need the victim to “click the link to receive it.” In reality, the link steals card details.
Protective measures:
Never enter credit card information to receive money through any service
Always type the official URL of financial services directly into your browser
Be wary of unsolicited messages claiming unexpected money transfers