226
submitted 3 weeks ago* (last edited 3 weeks ago) by bulwark@lemmy.world to c/asklemmy@lemmy.world

Url looks suss. Seems kinda sophisticated for the usual ups fishing scam. Here's the text message I got leading here.

"Wishing you a bright and sunny day!" Lol, I almost want to help this guy by explaining that UPS and American companies in general have disdain for their customers and would never wish them to have anything that would not benefit the company.

top 50 comments
sorted by: hot top controversial new old
[-] hendrik@palaver.p3x.de 292 points 3 weeks ago* (last edited 3 weeks ago)

I seriously doubt USPS bought a domain like gflrml dot cyou for their business. It's 300% a scam.

[-] SkaveRat@discuss.tchncs.de 103 points 3 weeks ago

Reminds me of my previous bank.

They changed some system countrywide, so I got an email that I need to update some data and go to a website to do that.

If was something like "update-[bankname]-data-now.tld".

It was sent to a unique mail address I used for them. But still though it was phishing.

Turns out: No. It was real. Whoever came up with the idea to not host that stuff on at least a subdomain of the bank really needs to get fired. and each and every manager who was part of the decision process.

[-] Th4tGuyII@fedia.io 41 points 3 weeks ago

Ugh. I work in the public sector and let me tell you, there are SO many companies that send the most dogiest, scammiest looking emails telling you to follow a link, only for it to turn out to be perfectly legitimate.

I honestly can see now why people end up falling for these things when even legitimate companies send emails looking just like phishing scammers

[-] hendrik@palaver.p3x.de 28 points 3 weeks ago* (last edited 3 weeks ago)

Had that happen, too. We all try to educate users to NOT click on some dubious phishing/scams and put in qute some effort to explain it over and over again, and then there are companies doing things like that. It's just sad.

[-] conciselyverbose@sh.itjust.works 14 points 3 weeks ago

lol I have to go back to the bank (when there's a manager, because there wasn't last time🤦‍♀️), to turn online banking back on for my account.

It got turned off because I didn't pick up some spam call they made.

[-] givesomefucks@lemmy.world 29 points 3 weeks ago

The text message is the big red flag, that's obviously a scam and has been happening for at least a year. Most scam texts are filtered on my phone, but a few of these slip thru.

I guess they're just trying to tie phone numbers to addresses so they can sell the phone list for more info.

Especially with people keeping their cell number while moving states, tying an address to the number and verifying it's that person would be a tidy profit.

[-] skillissuer@discuss.tchncs.de 12 points 3 weeks ago

Link shortener (not their own at least) is another massive red flag, same with typos ('number number' in page)

load more comments (1 replies)
load more comments (2 replies)
[-] cerement@slrpnk.net 96 points 3 weeks ago

flip the question around: Why would you think this wasn’t a scam?

[-] otter@lemmy.dbzer0.com 78 points 3 weeks ago

Furthermore, wtf did they GO TO THE URL FROM A TEXT MESSAGE at all?! 🤦🏽‍♂️

FFS, people. There's "I need help with my computer" and then there's "Some of us shouldn't have a smartphone". 🫶🏼

[-] scrubbles@poptalk.scrubbles.tech 24 points 3 weeks ago

Holding up a giant sign that says "I CLICK ON WHATEVER BULLSHIT LINK YOU SEND ME"

[-] Ledivin@lemmy.world 10 points 3 weeks ago

tbf, it could be sandboxed and safe. I doubt it is, OP doesn't seem the type, but it could be.

[-] scrubbles@poptalk.scrubbles.tech 21 points 3 weeks ago

Doesn't matter, there's more than likely a callback in the url that says who it was, and now the sender knows the number is active and the user clicks on links

load more comments (2 replies)
load more comments (1 replies)
[-] lethargic_lemming@lemmy.world 89 points 3 weeks ago

Very well known scam. Some details that give it away:

(1) They used a url shortener that doesn't let you see the actual domain. (bit.ly)

(2) Website domain is not legitimate.

USPS's website is usps.com. If the URL doesn't end in usps.com (meaning usps.fakewebsite.com is still fake) then it's not legitimate.

(3) Tone: The USPS doesn't text you like you're their friend.

(4) The number they're texting you from is not an SMS short code number (usually 5 digits). Instead you're getting a text from a 10 digit number with an area code, which means it's a person/individual rather than an application or service.

source: used to work as cyber sec analyst

[-] officermike@lemmy.world 31 points 3 weeks ago* (last edited 3 weeks ago)

(5) grammatical error(s): "We will ship again in" instead of "we will ship again on"

Edit: more subtle errors and phrasing that feels like it was written by a non-native English speaker.

[-] ilovededyoupiggy@sh.itjust.works 24 points 3 weeks ago

(6) USPS tracking numbers are like 65 digits long, because they expect to track every hydrogen atom in the known universe individually.

load more comments (5 replies)
load more comments (3 replies)
[-] AmidFuror@fedia.io 64 points 3 weeks ago

A tangent:

What annoys me is when legitimate companies use non-standard URLs in their hyperlinked emails. For example, if you get a message from Facebook taking you to facebookemail.com, that's actually a domain controlled by the real Facebook.

They're essentially teaching their customers to click on links in emails which use unfamiliar URLs which are superficially similar to the usual one.

load more comments (11 replies)
[-] ech@lemm.ee 59 points 3 weeks ago* (last edited 3 weeks ago)

Why the fuck did you click a link like that in the first place? That first message is basically screaming at you that it's a phishing attempt.

Best opsec is to delete and block, ideally without opening it at all to avoid read receipts (if that's a function in your phone). If you think it might be legit, go to the website on your own and find a way to confirm independently. If that's still too much to follow through with, at the very least don't click random links sent to you unprompted.

[-] joshcodes@programming.dev 15 points 3 weeks ago

Hey dude, you had an opportunity to educate someone and instead you belittled them. As someone who works in cyber, please don't do that. People get stigmatised against cyber and IT professionals and they stop trusting us. Users don't know what we do, so be kind to them the way you should be kind to anyone learning new things. https://xkcd.com/1053/

load more comments (4 replies)
[-] circuitfarmer@lemmy.sdf.org 51 points 3 weeks ago

I got one of these today too.

Something tells me the USPS wouldn't be using bit.ly.

[-] prettybunnys@sh.itjust.works 37 points 3 weeks ago

100% a scam.

The USPS won’t text you, they’ll leave you a notice in your mail box. They’re the only people besides you allowed to open your mailbox legally so it’s their best avenue.

load more comments (3 replies)
load more comments (1 replies)
[-] Blackmist@feddit.uk 44 points 3 weeks ago

I think there's now a generation gap between kids today and people who were routinely sent to tubgirl and goatse during the internet's formal years.

If your URL is fucky, it's a scam. If you clicked one, they'll send you more.

load more comments (2 replies)
[-] Technus@lemmy.zip 42 points 3 weeks ago

Bruh, just look at the address bar. That is not a USPS domain. Obviously it's a scam.

You clicked a random link from an sms message?

That’s a bold move, Cotton.

[-] plz1@lemmy.world 35 points 3 weeks ago
  1. 3rd party URL shortener, immediate red flag
  2. Non-USPS.com domain once you tapped it (which you shouldn't have)
  3. National service sending from a South Carolina area code instead of a short code or a toll free number
  4. Does USPS even have your phone number tied to your delivery address?
load more comments (1 replies)
[-] Psythik@lemmy.world 34 points 3 weeks ago

Look at the URL. Of course it's a scam.

[-] wolfpack86@lemmy.world 31 points 3 weeks ago

PSA you can check a bitly link without clicking it by using their link checker: https://support.bitly.com/hc/en-us/p/link-checker

load more comments (1 replies)
[-] flamingo_pinyata@sopuli.xyz 29 points 3 weeks ago

Go to the official UPS website (do not click that link, google it) and enter your tracking number.
If you don't have a tracking number it means you didn't order anything, and it's certainly a scam.

[-] spankmonkey@lemmy.world 16 points 3 weeks ago

This is usps, not ups, but everything else is accurate.

Always check the real site without using a link to get there.

[-] undefined@lemmy.hogru.ch 28 points 3 weeks ago* (last edited 3 weeks ago)

Report this at https://reportfraud.ftc.gov/.

Also, because they’re using Bitly for URL obfuscation report it to them at https://bitly.com/pages/trust/report-abuse.

For any of the fake domains you run into report it to both the registrar of the domain as well as the owner of the actual IP address it points to.

[-] psilotop@lemmy.world 27 points 3 weeks ago

Aside from all of the red flags already listed in other comments....are you even expecting a package to be delivered? I almost never receive a package that I don't expect

[-] whambawhomp@lemmy.world 26 points 3 weeks ago

One thing to note, aside from all the other inconsistencies, that tracking number does not follow the standard tracking number format for a USPS package. The USPS website describes their different tracking numbers for their different services in the FAQ at the bottom of their tracking page. https://tools.usps.com/go/TrackConfirmAction_input

[-] Dogiedog64@lemmy.world 25 points 3 weeks ago

This is 10000% a scam. That's not the USPS url scheme. Plus, as a government entity, they'll start correspondence through certified mail. Another question you could ask yourself is "Did I order any packages lately?" IF not, then more proof it's a scam.

load more comments (1 replies)
[-] BuboScandiacus@mander.xyz 25 points 3 weeks ago

Yes.

100% scam

[-] Honytawk@lemmy.zip 23 points 3 weeks ago

An official company is not going to use an URL shortener.

That's only used when you try to hide the URL, or if you think the user is going to type it out manually.

[-] nimble@lemmy.blahaj.zone 23 points 3 weeks ago

Yes, and usps is never going to text you. Be careful about what links you click. This link could have passed through tracking and flagged your number as someone who clicks their links. At the very least they know it's an active phone number, and at worst they start targeting you more frequently (or sell a list to other people to target you).

This is why you shouldn't ever respond, click on, interact with, or even read scam messages. Same goes for emails btw. Disable auto-loading images in emails since that is another way they can track active emails.

But, good job second guessing the message and asking about it. I mean it. Some scams rely on you not talking to anyone so it is good to ask others if you're unsure/uncomfortable. This is especially true if someone tries to tell you not to talk to anyone else since that is a common practice scammers use as well and should be an instant red flag

load more comments (2 replies)
[-] MagicShel@lemmy.zip 22 points 3 weeks ago

I get these scam texts all the time. It's 100% a scam, and now that you've clicked it, you'll probably get a bunch more scam in the near future, so be extra cautious.

[-] Zier@fedia.io 21 points 3 weeks ago

USPS tracking numbers are never "US000000" they are only digits.

load more comments (2 replies)
[-] mjhelto@lemm.ee 17 points 3 weeks ago

They give you the package info. Just ignore their email and input that into the USPS address manually. Kind of like the FedEx and UPS scams. You don't have to use their link to "check the status" of something. Go to the real site, enter number, see fake, ignore!

load more comments (4 replies)
[-] superkret@feddit.org 16 points 3 weeks ago* (last edited 3 weeks ago)

Make your life easier: NEVER click on any link in an email.
In this case, if you are actually waiting for a USPS package, go to usps.com, enter your package number manually, and see if it tracks.

[-] sp3tr4l@lemmy.zip 15 points 3 weeks ago

It is a scam.

I've recieved similar texts from Amaz0n.

Not kidding about the 0 instead of an o.

The also use the 'Wishing you a bright and sunny day!' line.

...

The url is bullshit, and nobody, literally no legit mail or pacel service is going to use bit.ly.

[-] qjkxbmwvz@startrek.website 15 points 3 weeks ago

UPS and American companies in general

But this is USPS, which isn't an American company, it's a US independent agency.

Their mandate isn't (AFAIK...) to make a profit, but rather to serve the mail requirements of a very large country.

Personally, my experiences with USPS have been generally positive, from passports for infants to free change-of-address forwarding service to tracking down quasi-scam products from Amazon. YMMV though.

[-] olafurp@lemmy.world 14 points 3 weeks ago

100% yeah. The browser URL doesn't have ups in it.

load more comments (1 replies)
[-] joshcodes@programming.dev 14 points 3 weeks ago

Kinda sad to see some of the comments being assholes about OP clicking a link. Like, how do y'all think phishing works? People click. Get over it and just educate people on why not to. Explain the risks and how to spot the scam. Do any of you think this person would have clicked if they knew for sure? Or if they knew the issues that can occur? It's super easy to sit in the comments and act holier than cos you knew and they didn't.

Yeah it's a scam. Most people get these quite often. Your Telecom company probably blocks these quite often. Someone else went through all the details of the scam like the fake domain, where to report etc.

Some of these links allow people to track who clicks. If you click once, they can provide data that you did and they can target you using other numbers and other scams. Might not be the case with this one, but they can also get your device details from accessing the site, using google analytics, ip data, geolocation stuff, etc. Or they ask you to allow notifications but the notifications are also scams.

General rule of thumb is don't click when you don't trust the source. If youre sceptical, just walk away for a bit. Cops, the government and postmen know where you live, and they won't miss you. It is always okay to trust your gut, be it in a call, messaging platform or on the Web.

load more comments (2 replies)
[-] daggermoon@lemmy.world 14 points 3 weeks ago
[-] intensely_human@lemm.ee 13 points 3 weeks ago

Look at the domain name in the url. Not legit

[-] Hyperlon@lemmy.world 10 points 3 weeks ago

Hell my paranoid ass would reinstall windows and change all my passwords after visiting an obvious scam site like that.

[-] SplooshArmstrong@lemmynsfw.com 10 points 3 weeks ago

Yes.

You already knew the URL was off.

[-] Mouselemming@sh.itjust.works 10 points 3 weeks ago

In addition to everything else: for weeks our building has been receiving packages addressed only with a name, a number, S, and the zip. The name is someone who has never lived here and may not exist. There's no apartment number. Our street doesn't start with S, if anything the S is for South. It's obviously some kind of fraud, because what's in the packages are little metal clips to clamp the starting tape holding stuff on a pallet. Not anything for residential use. They ship from various Amazon warehouses but through USPS. We can't get the mailman or Amazon people to return them and the Amazon return process only works if the unwanted package is addressed to you, not some random name.

But I'm now sure as hell that USPS isn't going to let anything as trivial as an unclear address stop them from delivering the package SOMEWHERE. Anything to call it "delivered."

load more comments (3 replies)
[-] recklessengagement@lemmy.world 10 points 3 weeks ago

Scam. Suspicious URL, slightly off grammer. Classic phishing.

Contact seller if unsure.

load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 02 Dec 2024
226 points (89.0% liked)

Ask Lemmy

27253 readers
932 users here now

A Fediverse community for open-ended, thought provoking questions


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.


6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 2 years ago
MODERATORS