The current wave of SMS phishing claims that the package cannot be delivered. Under no circumstances should you click on the link.
Users in Austria recently started receiving Suspicious text message. These will be sent via Short code for SMS sender. Instead of a number, the sender is just “information” is displayed. The full text of the message reads:
“Delivery of your package has been held up due to the lack of a house number on the package. Please update:” Next is a link created using the URL shortener Cutt.ly.
Treacherous, but with revealing details
This message is treacherous. Grammar and spelling rules So far correct except for “Please update:”. Perhaps a company in German-speaking countries has added something that needs updating.
Pitfall #2 is that users are now accustomed to short SMS codes. These are mostly used by companies For informational or marketing purposes Used to inform customers. Two-factor verification codes are also sent this way.
Some companies are relatively poor at choosing a good sender, so “information” as a sender is not unrealistic. Short codes via SMS on the subject of roaming are used by mobile operators, for example purple with the senderWelcome” sent instead of “purple”. UPS And Arlo Use Monday”InformationSMS“As a sender.
The “info” leaves the sender open as to whether the package is supposed to be from Amazon, the post office, DHL, DPD or another delivery company. No specific deliverer is named in the text either. This creates 1) curiousityWhat type of package and 2) theyBecause the probability of waiting for some parcels is relatively high.
➤ Read more: How should telephone fraud be prevented in Austria?
URL shorteners are always suspicious
But if you think about it a little, you won’t fall for this psychological trick. A text message from a delivery person will contain at least the text Name of the delivery representative It contains. Moreover, the delivery person will not have one URL shortener Unless it has its own URL shortener, such as Amazon (amzn.to).
Here a URL shortener is used To hide the real link. In the case of the fraudulent SMS received by Futurezone, the link leads to post-atr.icu. The URL was first today, registered on 6 October 2023, with the Registrar of Singapore. Hence a phishing campaign is most likely running Highly automated far. The bot registers a new URL for each wave. This makes it difficult for providers and registrars to protect users because it means that potentially dozens of URLs are blocked every day.
Additionally, the URL of this example is locked. If it is accessed in containers or VPNs, it redirects to the Russian portal Yandex. One might assume that if they are opened in a regular browser on a cell phone, a Phishing site or Subscription trap site Opens. In some cases, attempts are also made to install malware on the smartphone using the drive-by download method.
➤ Read more: What should I do if I fall victim to a phishing email?
Read carefully, don’t click on anything
As always with such SMS and similar emails: Read carefully, analyze and do not click on any links. If you are really concerned about your parcel, go to the website of the relevant delivery company and enter the tracking number there.
If you receive a fraudulent text message, you can report it on many smartphones. For Samsung smartphones, for example, you can tap the three-dot menu at the top left, then tap “Details” and “Block & Report Spam.”
Lifelong foodaholic. Professional twitter expert. Organizer. Award-winning internet geek. Coffee advocate.