Summary: This scam tries to trick you into filling a form with your payment information which signs you up to a subscription that costs, in this case, €40 per month!
The other day I received a text message that led to a phishing scam. I didn’t fall for the scam but I thought it would have convinced many people that I know, so I decided to publish this as a general warning and reminder to everyone to stay vigilant.
In these modern times I often order stuff online, and the attackers use this trend to catch people unawares. This attack started out in a fairly believable manner: a notification that a package has been held up in the distribution central.
Undeliverable package! Status: your package has been held up in the distribution central. Track your package: [short link]
I suspected a scam immediately, so I didn’t go to that link on my phone. Instead, I started a safe machine and typed the link into a web browser (in safe mode, to be extra sure).
The short link in the text message redirected to this page that was no less suspicious. First, the text message was in German but the page title is Danish, and the URL’s top-level domain
.pw refers to the island country of Palau in the Pacific Ocean. It is unlikely that DHL would use that domain.
Track package: [pre-filled code] Search
Clicking that search button showed a search result with this text:
Your package is on its way.
Current status: stopped in the distribution center. Reason: weight limit exceeded. Amount due: €2. Delivery will be processed within 24 hours after payment. [Pay now]
And clicking through to the payment screen gives me a form which I did not fill out, so my trail ends here. But notice the footer that says “Chances4prizes”! On another attempt it read “Enter2Gain” instead, and there was a copyright link to the ugly “small print” that, surprisingly, revealed that this was a subscription. That page was removed when I revisited to make these screenshots.
Please fill out the form: [first name, last name, address, phone, email]
So there you have it. If you believe the text message and think this process will release a package that is held up, then you have been fooled, and it will cost you. Don’t get fooled.