Personal Finance & Money Asked on July 2, 2021
I received a strange SMS which my Android phone classified as spam (first time that has ever happened to me):
It says
Hello [My surname and name, misspelled] Your package is still pending. Confirm your information here: [URL].
Normally, I would ignore such messages outright. But two days ago, I made a purchase from a Chinese seller on Etsy and decided to also enter my phone number, to increase the odds of being notified if my package is stuck in customs. So I wonder if the message is somehow connected to the purchase. The seller itself seems legit, with 1000+ real-looking reviews collected over a couple of years.
I did click on the link (I know, it was stupid, in hindsight), saw a DHL logo loading, and closed the site again without waiting to see what else is there.
I am now wondering what may have happened. Is this a mere coincidence, with me randomly receiving spam via SMS (something I have never had before)? Or is it some scam connected to the purchase? Maybe the seller didn’t do anything bad, but a rogue employee in the shipping service read my number off the package label and entered it into a scammer’s database? Or could it even be that some small local delivery company is trying to give me a real way to track my real package, but their system is terribly implemented?
What is also strange is that my real name is on the message – but misspelled, in a way that just screams "human error". I don’t know how the message sender got my number, but it was not from some electronic form where I entered my own name.
I am leaning towards the scam interpretation, but I have never heard of that particular scheme before. Is it known, and is there something I have to/can do to protect myself further?
Messages like this (I've usually seen them without the name) are often phishing messages with the goal of getting you to provide your personal information to enable the scammers to do nefarious things (gain access to your bank accounts, borrow money in your name, etc.). Having some of your information, but not enough for such actions, can make it easier for a scammer to craft a believable message to get the rest of your information needed for such theft. I would typically consider this a phishing message and ignore it (and maybe worry about where they scammer got my name and phone number - if publicly listed information, not much a of a problem, but if stolen from somewhere then what else might they have gotten with it?).
Since you are expecting a package (and it sounds like you don't know how it will be shipped), it is possible that this is legitimate. This means that if you follow the link and enter your information, either 1) you get details about your shipment or 2) your information gets stolen. Rather than take the risk, you should contact the seller/shipper directly and ask for an update or tracking information related to the package.
Answered by yoozer8 on July 2, 2021
Why don't you contact the seller you bought from through Etsy itself and ask if they have the information correct to shi your merchandise?
Since you bought it through Etsy then that seems like the simplest solution.
Otherwise, consider it a phishing scheme and don't fall for it.
Answered by RiverNet on July 2, 2021
There is a recent scam going the rounds which is very similar to this. See US warning and UK warning and the comment by BernhardDöbler on Germany.
The basics are that you get a text supposedly from a mail/parcel/delivery service with a link. Either in the text or on the website if you click on the link, you are advised of a minor additional payment needed, and asked to enter payment details which can then be stolen.
In these times of lockdown, a lot of people have ordered items online and are likely to expect packages, so this scam doesn't even need to be specifically targeted at anyone.
Do not click the link - or if you do, do not enter any details on the website (and leave quickly as OP did).
If you need to check on the parcel, talk with the seller as the other answers suggest
Answered by Dragonel on July 2, 2021
Just a phishing attempt.
I checked trasuawhite.com
which is cited in the text. I can't recognize the language/alphabet, but looks like a fastfood/restaurant.
This screenshot is interesting. Perhaps the website owner doesn't spend much time or resources on maintenance, and the website uses WordPress, one of the most famous and most attacked CMS ever.
The website was hacked in order to upload a phishing website under the /pkge/ directory. Clearly the main website is not a parcel delivery service. By not having the full URL, which may contain some fake delivery ID code, I couldn't display the page asking for information
Why I "clicked" on the link", or at least why I tried reaching the website
In general, it should be advisable not to click for a variety of reasons. If the linked page asks for credentials or payment (as described in the other answers) it is mostly innocuous. Some phishing pages also ask for installation of extensions (read, malware). A rare number of page might exploit a browser vulnerability to install malware without user consent. Another number of page will attempt to redirect the browser and clevery use Javascript to prevent the user from leaving the page.
This is why general users should not attempt to follow the links, and why security experts would use a container/VM to try to browse the affected website. Experienced users know how to clear cookies, correctly close a tab that refuses to be closed.
Answered by usr-local-ΕΨΗΕΛΩΝ on July 2, 2021
Had a similar one in an email last week (U.K.) DHL logo, the lot. Said that in order to deliver my parcel (I'm expecting several), would cost me £2. Asked for details of card so I could pay. Needed a code, which arrived at the same time on my phone. Given 2 minutes to tap in code. Stupidly I did it all, then realised it was a scam.
There was a list of others, all with same email provider, all in alphabetical order. Bit of a giveaway! Couldn't confirm with DHL, so rang bank, cancelled card - they were luckily too slow to clean me out, but still have relevant details.
Do nothing, please.
Answered by Tim on July 2, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP