Category: Shipment Tracking

A spooky october

10/11/2022

Trick or treat? Well, this post is a treat of 2 tricks that were sent to me. The first trick I received as a text from what doesn't even appear to be a phone number. Poor grammar and a strange flow. What is "FRM"? Why am I getting a "Voucher"? How can you expose something when you turn around and claim it is a give away? I'll turn this trick down.

"FRM:[LINK] (Voucher#NLXR49) MSG:[RANDOM CONTENT] (Voucher#NLXR49)"

The next trick at least tried. An actual phone number and a somewhat coherent sentence. But that is it. The link/URL is obviously fake. There is a clear grammatical error. Lastly, what is "USP"? Are they claiming to be "USPS" or "UPS"? Or was this sender incredibly lazy and forgot the "S" at the end? We will probably never know.

"[ORGANIZATION]-Your package has been held up due to an address is incorrect, please complete the address in time. [LINK]"

Summer Update

7/25/2022

I honestly haven't received any SMS phishing attempts since February 2022, ~5 months ago. With lack of content phishing attempts I haven't had the chance to add anything to the blog. However, just recently I did receive 2 more phishing attempts. Both of which were within 10 days of each other. Maybe this has something to do with summer travel and people going on vacation? Quite possibly.

The first SMS received was another typical delivery confirmation (see below). It was stating that the delivery address was incorrect and that I need to click this link to update my information or else the package will not be delivered. No mention of the carrier (UPS, FedEx, etc.) nor the store (Amazon, Target, etc.). This is immediately flagged as a phishing attempt.

"Your delivery address is incorrect and the package cannot be delivered, please update the address information in time at the link. [LINK]"

The second SMS received was actually a bit more clever (see below). With people traveling this summer you are more often than not going to receive notifications from your bank or card issuer that your card has been locked due to "suspicious activity" since you may have travelled out of state and made a large purchase. It looks somewhat legitimate, but with it being all caps, strange grammar, and a specific call out to a very popular vendor (Apple) - it immediately raises a red flag for me.

"[BANK]:CARD LOCK DUE TO [MONEY AMOUNT] WAS SUBMITTED TO [COMPANY] NOT YOUR REQUEST? VISIT [LINK] TO CANCEL"

Oddly enough, I actually received one last week that was legitimate. A purchase was made out of state and the bank immediately sent a similar text saying that the card was locked. I appreciate the ability of banks to respond quickly, but it assumes the user has trust in the delivery mechanism. Even though I received the legitimate text, I called the bank directly and asked about it. Anymore, if an institution reaches out to me via text - I inquire through a different channel as the possibility for phishing has steadily been rising over the past few years. Besides, with so many accounts being linked to personal phones - there is the risk that any engagement with a fraudulent phish attempt will result in a compromised account.

Another shipment tracking...

11/20/2021

It has been a few months since I received a phishing text. On one hand I was glad, on the other I was sad since I need keep this blog up to date with fresh content. Coincidentally, the same day I was thinking about this I finally received a text.

This one is similar to the USPS one, asking to click a link to view your tracking information, however the senders of this one need to know their audience. Instead of the word "package" they used "parcel". Right when I read that word I knew immediately this was spam. Then reading further into the text it is so very vague and the link makes no sense. Additionally, why would I click a link to "check" my shipping address? It is not even close to realistic text.

"Shipment Tracking: Hi, your parcel with tracking code [ID] is waiting for you to check the shipping address: [LINK]"

Older Attempts

5/6/2021

I ran through my Messenger app on my Mac and noticed a few texting attempts in the past few months other than those I already posted about. The Amazon attempt must be popular as this is the second time I received one. The USPS one was an interesting attempt.

"Congratulations [Name], you came in 3rd in [Month] Amazon pods raffle! Click the link to : [LINK]"

"USPS: the arranged delivery for the package [String] has been changed. Please confirm here: [LINK]"

A spooky october

Summer Update

Another shipment tracking...

Older Attempts

Author

Archives

Categories