Url looks suss. Seems kinda sophisticated for the usual ups fishing scam. Here’s the text message I got leading here.

“Wishing you a bright and sunny day!” Lol, I almost want to help this guy by explaining that UPS and American companies in general have disdain for their customers and would never wish them to have anything that would not benefit the company.

  • hendrik@palaver.p3x.de
    link
    fedilink
    English
    arrow-up
    298
    ·
    edit-2
    25 days ago

    I seriously doubt USPS bought a domain like gflrml dot cyou for their business. It’s 300% a scam.

    • givesomefucks@lemmy.world
      link
      fedilink
      English
      arrow-up
      33
      arrow-down
      2
      ·
      25 days ago

      The text message is the big red flag, that’s obviously a scam and has been happening for at least a year. Most scam texts are filtered on my phone, but a few of these slip thru.

      I guess they’re just trying to tie phone numbers to addresses so they can sell the phone list for more info.

      Especially with people keeping their cell number while moving states, tying an address to the number and verifying it’s that person would be a tidy profit.

        • QuadratureSurfer@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          24 days ago

          Unfortunately I can think of one company in particular that uses tinyurl when you sign up for shipping updates on their website (looking at you Samsung!).

          At least with that one:

          • you know you signed up for it
          • they send a text right when you sign up for it
          • they use an official short SMS (5 digit) number.
    • SatyrSack@feddit.org
      link
      fedilink
      English
      arrow-up
      10
      ·
      25 days ago

      Also, is it common for a legitimate government agency to use a third-party link shortener like bitly?

    • SkaveRat@discuss.tchncs.de
      link
      fedilink
      arrow-up
      107
      ·
      25 days ago

      Reminds me of my previous bank.

      They changed some system countrywide, so I got an email that I need to update some data and go to a website to do that.

      If was something like “update-[bankname]-data-now.tld”.

      It was sent to a unique mail address I used for them. But still though it was phishing.

      Turns out: No. It was real. Whoever came up with the idea to not host that stuff on at least a subdomain of the bank really needs to get fired. and each and every manager who was part of the decision process.

      • hendrik@palaver.p3x.de
        link
        fedilink
        English
        arrow-up
        32
        arrow-down
        1
        ·
        edit-2
        24 days ago

        Had that happen, too. We all try to educate users to NOT click on some dubious phishing/scams and put in qute some effort to explain it over and over again, and then there are companies doing things like that. It’s just sad.

        • conciselyverbose@sh.itjust.works
          link
          fedilink
          arrow-up
          16
          ·
          24 days ago

          lol I have to go back to the bank (when there’s a manager, because there wasn’t last time🤦‍♀️), to turn online banking back on for my account.

          It got turned off because I didn’t pick up some spam call they made.

      • Th4tGuyII@fedia.io
        link
        fedilink
        arrow-up
        46
        arrow-down
        1
        ·
        24 days ago

        Ugh. I work in the public sector and let me tell you, there are SO many companies that send the most dogiest, scammiest looking emails telling you to follow a link, only for it to turn out to be perfectly legitimate.

        I honestly can see now why people end up falling for these things when even legitimate companies send emails looking just like phishing scammers

  • Ech@lemm.ee
    link
    fedilink
    English
    arrow-up
    61
    arrow-down
    2
    ·
    edit-2
    24 days ago

    Why the fuck did you click a link like that in the first place? That first message is basically screaming at you that it’s a phishing attempt.

    Best opsec is to delete and block, ideally without opening it at all to avoid read receipts (if that’s a function in your phone). If you think it might be legit, go to the website on your own and find a way to confirm independently. If that’s still too much to follow through with, at the very least don’t click random links sent to you unprompted.

    • JoshCodes@programming.dev
      link
      fedilink
      English
      arrow-up
      15
      ·
      24 days ago

      Hey dude, you had an opportunity to educate someone and instead you belittled them. As someone who works in cyber, please don’t do that. People get stigmatised against cyber and IT professionals and they stop trusting us. Users don’t know what we do, so be kind to them the way you should be kind to anyone learning new things. https://xkcd.com/1053/

    • Ihnivid@feddit.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      24 days ago

      Could someone educate me on the possible damage clicking a link can bring, assuming I’m not interacting with the website any more than that?

      Not doubting there’s damage, just curious. I’d think they’d get some maybe usable info from fingerprinting or something? Could javascripts lead to more serious problems?

      • nova_ad_vitum@lemmy.ca
        link
        fedilink
        arrow-up
        5
        ·
        24 days ago

        If you do nothing but click the link and then close the resulting website without clicking anything else, all that will happen is that they’ll know you’re someone who clicks such links and you’re likely to get more of them.

      • themoonisacheese@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        24 days ago

        There could theoretically be a vulnerability in your browser that would allow them to infect you with viruses, but such vulnerabilities are much much more valuable used elsewhere (or cashed in through security research bounties). One I’ve seen is that the page further phishes you into downloading and installing an “update” to your browser that’s really a virus, or they simply try to phish you out of money, for example by asking you to pay the shipping costs again.

        It’s also a way to build lists of who actually clicks the links, that they resell to the next sucker (scamming is suckers all the way down, they all buy The Next Big Technique from some guy), ensuring you will get further spam in the future.

        There’s actually a fun technique to do to avoid further spams when it comes to voice calls. A little know fact is that elevator call buttons are actually just phones that have a phone number, and if you dial the number, it will automatically answer and you will hear whatever is in the elevator (generally nothing). If you pick up but don’t say a word, their automated systems will flag you as an elevator phone number and they will stop calling in order to stop wasting resources on calling numbers that won’t lead to money.

  • Zier@fedia.io
    link
    fedilink
    arrow-up
    21
    ·
    24 days ago

    USPS tracking numbers are never “US000000” they are only digits.

    • derfunkatron@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      24 days ago

      This can even be checked at https://tools.usps.com. Try to track the number or use one of the drop downs to see what different USPS service tracking numbers look like.

      I have received a legit “undeliverable package” status before but it will never be sent in a text like that. It will only display on the tracking history/status on the USPS tracking website for a given parcel.

  • psilotop@lemmy.world
    link
    fedilink
    arrow-up
    27
    ·
    24 days ago

    Aside from all of the red flags already listed in other comments…are you even expecting a package to be delivered? I almost never receive a package that I don’t expect

  • Sam_Bass@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    24 days ago

    How could you not? Do you buy things so often that that happens a lot? Ignoring the grammatical error of in instead of on, are you actually expecting a package with that numberwhich is not a typical USPS tracking number

  • x00z@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    24 days ago

    Even if this is true - which it isn’t - it’s much better to let packages be sent back to the sender than to take responsibility upon yourself.

  • Dogiedog64@lemmy.world
    link
    fedilink
    arrow-up
    27
    ·
    24 days ago

    This is 10000% a scam. That’s not the USPS url scheme. Plus, as a government entity, they’ll start correspondence through certified mail. Another question you could ask yourself is “Did I order any packages lately?” IF not, then more proof it’s a scam.

    • piccolo@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      ·
      23 days ago

      I get emails from usps all the time, they have a service to alert you of mail and packages arriving. Though, they dont SMS, and wouldnt be using a bit.ly url.

  • TeoTwawki@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    23 days ago

    your first clue was the link in the next - no shipper is going to miss having its branding in the url. the second if that the url it redirects to its obviously random bs and if you do a whois you see its def not owned by usps.

    got a few of these phishing attempts myself over thanksgiving. holiday gift shopping season has begun, the scammers want to catch the less savy among us.

  • MagicShel@lemmy.zip
    link
    fedilink
    English
    arrow-up
    22
    ·
    25 days ago

    I get these scam texts all the time. It’s 100% a scam, and now that you’ve clicked it, you’ll probably get a bunch more scam in the near future, so be extra cautious.