cross-posted from: https://lemdit.com/post/35084

Today I received this text message:

  • Opening the URL from a desktop computer redirects to the real NZ Post website.
  • Opening the URL from mobile shows a convincing spoofed NZ Post tracking page:

The objective of the scam is to get you to click on “Schedule a Redelivery” and give them your personal details:

They will use this information to contact you and attempt to scam money from you, as well as try any future scams they may come up with.

The combination of URL + believable phishing page makes this scam particularly easy to fall for. If you’re from NZ, then it’s a good idea to warn your friends and family about it.

I will report the domain but it usually takes a very long time for anything to be done in these cases.

  • LittleYellowDigger@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Real NZ post will always show your package processing at East Tamaki for a week. How dumb do these scammers think we are!

    • smeenz@lemmy.nz
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I spent half an hour on the phone with nzpost just today, over a package that I had received a (legitimate) txt message to say my package was with the courier and expected to be delivered within (the next hour). I was home and waiting the entire time, including standing 10m from my letterbox at the moment the status was updated to “Delivery attempted, nobody home”. When I finally got through to a human, they said that on their system, it showed as having been given to the wrong courier route, and explained that the drivers have very limited options to select from as to why they were unable to deliver it.

      They weren’t able to tell me where it actually was, but said it’s probably coming back to the depot, where it will be given to the correct courier tomorrow and they’ll try again.

  • evanuggetpi@lemmy.nz
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    It’s a very clumsy initial message, plus the domain name is obviously not correct. Those are major red flags but of course it will still fool some people.

    • smeenz@lemmy.nz
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      I’ve heard it said that bad spelling and grammar is actually included in these scams intentionally, because it acts as a sort of filter to weed out the type of people who would casually notice it, and who are more likely to be skeptical of these sorts of things.

    • BalpeenHammer@lemmy.nz
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      it will definitely fool some people.

      These scams are wildly profitable. Too bad I am too ethical to get in on the action.

  • fritata_fritato@lemmy.nz
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Been around for a couple of months now. Very believable. Family member was fooled. The actual amount taken is trivial, but the need to change your card is the real pain