Do you guys think this is a scam?
Do you guys think this is a scam?
Url looks suss. Seems kinda sophisticated for the usual ups fishing scam. Here's the text message I got leading here.
"Wishing you a bright and sunny day!" Lol, I almost want to help this guy by explaining that UPS and American companies in general have disdain for their customers and would never wish them to have anything that would not benefit the company.
I seriously doubt USPS bought a domain like gflrml dot cyou for their business. It's 300% a scam.
Reminds me of my previous bank.
They changed some system countrywide, so I got an email that I need to update some data and go to a website to do that.
If was something like "update-[bankname]-data-now.tld".
It was sent to a unique mail address I used for them. But still though it was phishing.
Turns out: No. It was real. Whoever came up with the idea to not host that stuff on at least a subdomain of the bank really needs to get fired. and each and every manager who was part of the decision process.
Ugh. I work in the public sector and let me tell you, there are SO many companies that send the most dogiest, scammiest looking emails telling you to follow a link, only for it to turn out to be perfectly legitimate.
I honestly can see now why people end up falling for these things when even legitimate companies send emails looking just like phishing scammers
The text message is the big red flag, that's obviously a scam and has been happening for at least a year. Most scam texts are filtered on my phone, but a few of these slip thru.
I guess they're just trying to tie phone numbers to addresses so they can sell the phone list for more info.
Especially with people keeping their cell number while moving states, tying an address to the number and verifying it's that person would be a tidy profit.
Also, is it common for a legitimate government agency to use a third-party link shortener like bitly?
You mean (uint32_t)-1 %
flip the question around: Why would you think this wasn’t a scam?
Furthermore, wtf did they GO TO THE URL FROM A TEXT MESSAGE at all?! 🤦🏽♂️
FFS, people. There's "I need help with my computer" and then there's "Some of us shouldn't have a smartphone". 🫶🏼
Very well known scam. Some details that give it away:
(1) They used a url shortener that doesn't let you see the actual domain. (bit.ly)
(2) Website domain is not legitimate.
USPS's website is usps.com. If the URL doesn't end in usps.com (meaning usps.fakewebsite.com is still fake) then it's not legitimate.
(3) Tone: The USPS doesn't text you like you're their friend.
(4) The number they're texting you from is not an SMS short code number (usually 5 digits). Instead you're getting a text from a 10 digit number with an area code, which means it's a person/individual rather than an application or service.
source: used to work as cyber sec analyst
(5) grammatical error(s): "We will ship again in" instead of "we will ship again on"
Edit: more subtle errors and phrasing that feels like it was written by a non-native English speaker.
(6) USPS tracking numbers are like 65 digits long, because they expect to track every hydrogen atom in the known universe individually.
You're absolutely right, of couse, but keep in mind that communications is still mostly done by people and people are generally fucking stupid.
I'll add how is it that they could not know the address of the recipient, yet would know their phone number?
Either the recipient is totally unknown or they know the address. The last thing they would know about a recipient is the phone number.
That's interesting I didn't think about that fourth point, but whenever I get a verification SMS it does always come from a 5 digit number.
That one is not hard evidence though, for example delivery drivers from FedEx in my area send text messages from their actual phones announcing an upcoming delivery.
The messages are still standardized, so I'm assuming they are company phones and send pre-programmed messages from templates, but if I call that number, I'll actually speak to the person handling my delivery.
A tangent:
What annoys me is when legitimate companies use non-standard URLs in their hyperlinked emails. For example, if you get a message from Facebook taking you to facebookemail.com, that's actually a domain controlled by the real Facebook.
They're essentially teaching their customers to click on links in emails which use unfamiliar URLs which are superficially similar to the usual one.
They probably want to separate their customers from getting up to stupid spammy behaviour and getting the domain blacklisted from their ability to deliver their own official Facebook email notifications. There probably ought to be better ways to do that, but the fact Facebook went "yeah, we gotta register the shitty domain facebookemail.com" makes me think they're working around a crappy limitation of smtp email.
There ought to be no limitation with, say, email.facebook.com. Sure, have the domain facebookemail to prevent bad actors grabbing it, but only use it as a redirection.
I don't think there's mail server software in existence that would choke on a subdomain like that. There might be a few mail admins too easily confused to be able to set it up, but I doubt there are any of those at Facebook.
That said, most people aren't going know that a subdomain is safer than a legitimate looking alternative, so maybe it's all moot.
Tangentially, it seems that someone has squatted on facebook-email.com (note the hyphen), so I expect that Zuck's lawyers are crawling all over whoever's done that.
Congratulations, you belong to the 3% of users who know what a domain is and why that matters. Everyone else uses Google (or DuckDuckGo because "Google bad") to search for their favorite websites every time.
Google has one that is the most suspect url in existence, I don't remember what it was but I verified it three different ways to be sure.
UPS apparently subcontracts their hiring to fucking Indonesia so you'll get people working in a phone bank overseas asking for personal information.
Goo.gl was one of theirs.
Why the fuck did you click a link like that in the first place? That first message is basically screaming at you that it's a phishing attempt.
Best opsec is to delete and block, ideally without opening it at all to avoid read receipts (if that's a function in your phone). If you think it might be legit, go to the website on your own and find a way to confirm independently. If that's still too much to follow through with, at the very least don't click random links sent to you unprompted.
Hey dude, you had an opportunity to educate someone and instead you belittled them. As someone who works in cyber, please don't do that. People get stigmatised against cyber and IT professionals and they stop trusting us. Users don't know what we do, so be kind to them the way you should be kind to anyone learning new things. https://xkcd.com/1053/
Could someone educate me on the possible damage clicking a link can bring, assuming I'm not interacting with the website any more than that?
Not doubting there's damage, just curious. I'd think they'd get some maybe usable info from fingerprinting or something? Could javascripts lead to more serious problems?
If you do nothing but click the link and then close the resulting website without clicking anything else, all that will happen is that they'll know you're someone who clicks such links and you're likely to get more of them.
The least it wil do is confirm your email to be in use for further scams.
There could theoretically be a vulnerability in your browser that would allow them to infect you with viruses, but such vulnerabilities are much much more valuable used elsewhere (or cashed in through security research bounties). One I've seen is that the page further phishes you into downloading and installing an "update" to your browser that's really a virus, or they simply try to phish you out of money, for example by asking you to pay the shipping costs again.
It's also a way to build lists of who actually clicks the links, that they resell to the next sucker (scamming is suckers all the way down, they all buy The Next Big Technique from some guy), ensuring you will get further spam in the future.
There's actually a fun technique to do to avoid further spams when it comes to voice calls. A little know fact is that elevator call buttons are actually just phones that have a phone number, and if you dial the number, it will automatically answer and you will hear whatever is in the elevator (generally nothing). If you pick up but don't say a word, their automated systems will flag you as an elevator phone number and they will stop calling in order to stop wasting resources on calling numbers that won't lead to money.
I got one of these today too.
Something tells me the USPS wouldn't be using bit.ly.
Expecting them to have my phone number but not my address is a mental leap I cannot fathom in the first place.
I think there's now a generation gap between kids today and people who were routinely sent to tubgirl and goatse during the internet's formal years.
If your URL is fucky, it's a scam. If you clicked one, they'll send you more.
Our parents couldn't use computers properly, and now our kids can't use them properly either.
That being said, I learned the hard way back in the golden age many, many times.
The good old days of Azureus and Limewire
You clicked a random link from an sms message?
That’s a bold move, Cotton.
Bruh, just look at the address bar. That is not a USPS domain. Obviously it's a scam.
- 3rd party URL shortener, immediate red flag
- Non-USPS.com domain once you tapped it (which you shouldn't have)
- National service sending from a South Carolina area code instead of a short code or a toll free number
- Does USPS even have your phone number tied to your delivery address?
That also doesn't look anything like a USPS tracking number (which, if this were real, you'd probably already have). Pro-tip: USPS has "informed delivery" where they'll send you an email every day with scans of your mail and any packages on their way to you. Which would give you another way to know that this isn't real.
PSA you can check a bitly link without clicking it by using their link checker: https://support.bitly.com/hc/en-us/p/link-checker
TIL, ty
Look at the URL. Of course it's a scam.
Go to the official UPS website (do not click that link, google it) and enter your tracking number.
If you don't have a tracking number it means you didn't order anything, and it's certainly a scam.This is usps, not ups, but everything else is accurate.
Always check the real site without using a link to get there.
Report this at https://reportfraud.ftc.gov/.
Also, because they’re using Bitly for URL obfuscation report it to them at https://bitly.com/pages/trust/report-abuse.
For any of the fake domains you run into report it to both the registrar of the domain as well as the owner of the actual IP address it points to.
This is 10000% a scam. That's not the USPS url scheme. Plus, as a government entity, they'll start correspondence through certified mail. Another question you could ask yourself is "Did I order any packages lately?" IF not, then more proof it's a scam.
I get emails from usps all the time, they have a service to alert you of mail and packages arriving. Though, they dont SMS, and wouldnt be using a bit.ly url.
Aside from all of the red flags already listed in other comments....are you even expecting a package to be delivered? I almost never receive a package that I don't expect
One thing to note, aside from all the other inconsistencies, that tracking number does not follow the standard tracking number format for a USPS package. The USPS website describes their different tracking numbers for their different services in the FAQ at the bottom of their tracking page. https://tools.usps.com/go/TrackConfirmAction_input
Yes.
100% scam
Yes, and usps is never going to text you. Be careful about what links you click. This link could have passed through tracking and flagged your number as someone who clicks their links. At the very least they know it's an active phone number, and at worst they start targeting you more frequently (or sell a list to other people to target you).
This is why you shouldn't ever respond, click on, interact with, or even read scam messages. Same goes for emails btw. Disable auto-loading images in emails since that is another way they can track active emails.
But, good job second guessing the message and asking about it. I mean it. Some scams rely on you not talking to anyone so it is good to ask others if you're unsure/uncomfortable. This is especially true if someone tries to tell you not to talk to anyone else since that is a common practice scammers use as well and should be an instant red flag
usps is never going to text you.
Yes, though they might send you emails if you sign up for Informed Delivery: https://www.usps.com/manage/informed-delivery.htm
I've never used it, but it sounds like a great way to clear this up.
usps is never going to text you.
USPS will text you, but only for packages you explicitly request SMS tracking messages for, those texts will never contain a link to a website, and they will always come from a 6-digit short code, not a full phone number
An official company is not going to use an URL shortener.
That's only used when you try to hide the URL, or if you think the user is going to type it out manually.
I get these scam texts all the time. It's 100% a scam, and now that you've clicked it, you'll probably get a bunch more scam in the near future, so be extra cautious.
USPS tracking numbers are never "US000000" they are only digits.
This can even be checked at https://tools.usps.com. Try to track the number or use one of the drop downs to see what different USPS service tracking numbers look like.
I have received a legit “undeliverable package” status before but it will never be sent in a text like that. It will only display on the tracking history/status on the USPS tracking website for a given parcel.
100% correct!
They give you the package info. Just ignore their email and input that into the USPS address manually. Kind of like the FedEx and UPS scams. You don't have to use their link to "check the status" of something. Go to the real site, enter number, see fake, ignore!
That number isn't even anything like a tracking number for USPS.
Then no reason to even question the validity of the original message.
Be careful with this! Sometimes they use real tracking ids!
You can't trust it even if the package exists.
It's not about whether the tracking number is legit but whether that tracking number has anything to do with someone's actual address or a package being sent to them. The status of the tracking number, if legit, should be enough to verify the contents of the original message. In my experience, when the address has been wrong, or input incorrectly, I'll see some sort of message about difficulty with the address and how it set the address to something or requested information.
It is a scam.
I've recieved similar texts from Amaz0n.
Not kidding about the 0 instead of an o.
The also use the 'Wishing you a bright and sunny day!' line.
...
The url is bullshit, and nobody, literally no legit mail or pacel service is going to use bit.ly.
Make your life easier: NEVER click on any link in an email.
In this case, if you are actually waiting for a USPS package, go to usps.com, enter your package number manually, and see if it tracks.UPS and American companies in general
But this is USPS, which isn't an American company, it's a US independent agency.
Their mandate isn't (AFAIK...) to make a profit, but rather to serve the mail requirements of a very large country.
Personally, my experiences with USPS have been generally positive, from passports for infants to free change-of-address forwarding service to tracking down quasi-scam products from Amazon. YMMV though.
Kinda sad to see some of the comments being assholes about OP clicking a link. Like, how do y'all think phishing works? People click. Get over it and just educate people on why not to. Explain the risks and how to spot the scam. Do any of you think this person would have clicked if they knew for sure? Or if they knew the issues that can occur? It's super easy to sit in the comments and act holier than cos you knew and they didn't.
Yeah it's a scam. Most people get these quite often. Your Telecom company probably blocks these quite often. Someone else went through all the details of the scam like the fake domain, where to report etc.
Some of these links allow people to track who clicks. If you click once, they can provide data that you did and they can target you using other numbers and other scams. Might not be the case with this one, but they can also get your device details from accessing the site, using google analytics, ip data, geolocation stuff, etc. Or they ask you to allow notifications but the notifications are also scams.
General rule of thumb is don't click when you don't trust the source. If youre sceptical, just walk away for a bit. Cops, the government and postmen know where you live, and they won't miss you. It is always okay to trust your gut, be it in a call, messaging platform or on the Web.
Also, in case of any doubt, contact whoever supposedly sent you this directly.
In this case, contact USPS and ask if this is correct.
Also, no one is too smart to be scammed and a lot of scammers rely on people thinking they're too smart to be scammed. Really smart, highly-educated, very successful people get scammed all the time. That's how Jack Abramoff was able to pull of his crimes for so long. That's how Theranos became a massive company.
100% yeah. The browser URL doesn't have ups in it.
Ups is not usps
100% scam
Look at the domain name in the url. Not legit
Hell my paranoid ass would reinstall windows and change all my passwords after visiting an obvious scam site like that.
Scam. Suspicious URL, slightly off grammer. Classic phishing.
Contact seller if unsure.
slightly off grammer
This comment is a scam !
x)
In addition to everything else: for weeks our building has been receiving packages addressed only with a name, a number, S, and the zip. The name is someone who has never lived here and may not exist. There's no apartment number. Our street doesn't start with S, if anything the S is for South. It's obviously some kind of fraud, because what's in the packages are little metal clips to clamp the starting tape holding stuff on a pallet. Not anything for residential use. They ship from various Amazon warehouses but through USPS. We can't get the mailman or Amazon people to return them and the Amazon return process only works if the unwanted package is addressed to you, not some random name.
But I'm now sure as hell that USPS isn't going to let anything as trivial as an unclear address stop them from delivering the package SOMEWHERE. Anything to call it "delivered."
That scam is called "brushing."
Amazon does have a report process for it, but yeah it's most likely to go into the Ai chipper.
Tried it, the first question is to confirm that the package is addressed to YOU. There's nobody in the building who could do that.
I found This on the same site as @[email protected]. Doesn't sound 100% like their intent (unless whatever is "next" is a place to fill out personal details). However loading a webpage is enherantly at least a little bit risky.
Yes.
You already knew the URL was off.
Yeah, scam. Ibthough that would be obvious, but if it's not: that is a scam, and there are many like it
Yes
Yes. Don't click on that link, it's been obscured using an URL shortener
Yes, I get them constantly.
Yeah. I was getting these almost daily for a few months. Never responded to them and never missed any expected packages.
As others have said, that is definitely a link to a fake website.
If you want to be extra sure, just contact USPS directly.
Kek you clicked that?
Look man, if you want to understand what's going on there's a really short (even for my ADHD) video right here:
The guy here explains exactly why not to do that - https://bitly.com/98K8eH
You laugh at someone clicking it then paste a URL shortener link....
The joke is always better when someone explains it.
I don't even need to click taht to know his initials are R.A. :-)
How could you not? Do you buy things so often that that happens a lot? Ignoring the grammatical error of in instead of on, are you actually expecting a package with that numberwhich is not a typical USPS tracking number
How could you read that text and then click on link?
Even if this is true - which it isn't - it's much better to let packages be sent back to the sender than to take responsibility upon yourself.
100% chance you ordered from temu or ali express and got this message while waiting for a package right?
They sell your order info along to scammers who time these right around when you're expecting your order.
Pretty clever! Definitely a scam!
your first clue was the link in the next - no shipper is going to miss having its branding in the url. the second if that the url it redirects to its obviously random bs and if you do a whois you see its def not owned by usps.
got a few of these phishing attempts myself over thanksgiving. holiday gift shopping season has begun, the scammers want to catch the less savy among us.
ITT things that make my chest tighten painfully
It's a scam. You can tell because you're getting it via a rcs text. I've never once seen a business use an encrypted text.
Also the URL of course.
Edit: nvm just discovered some doctors offices do indeed use encrypted protocols for SMS. So the text being RCS isn't inherently suspicious. Businesses may use it. But obviously the URL gives away that it's a scam.
You can tell because it’s a text message.
The USPS will leave you a notice in your mailbox, not text you.
Your phone number isn’t part of the address someone mails to.
It's already returning 404 lol
Oh, dang.
Thanks for checking though.
Bit[dot]ly
Is an obvious clue. Companies/Entities like USPS don't use 3rd party url shorteners...
No, they just pipe them through asinine third-party tracking URLs that get blocked on my network
- You expecting a package? If no - scam. If yes proceed to 2.
- Check the tracking code on the carriers site or on a multi track site and see what the status says.
Ive had packages come to the building and the postal worker not knowing which box to put it in so it went back to the post office and the tracking indicating unsuccessful delivery due to unknown address (or something similar). In these cases, call or visit the post office doing the delivery or the company. The tracking number will be the key piece of information you can tie to a partial address. In smaller communities, this wont even happen as just placing a name on a package can get a successful delivery since the postal worker knows everyone in the community.
It is 100% a scam. I get texts with this exact text all the time with shady links going to a fake USPS website.
Super duper scam. You should very wary of clicking ANY link from a number you do not recognize for any information you do not expect to receive.
They can't figure out your address, but somehow they can figure out your email?
Just write in the nearest Subway/McDonald's address.
The entire thing looks sus
"The .cyou domain is a generic top-level domain (gTLD) that's short for "see you". It's intended for social media influencers, creative directors, and other tech-savvy people who want to be seen online."
LOL - seems legit...
Hope you didn't click that link. You probably downloaded a malicious payload.
You got several good answers already.
First of all, if you aren't expecting any shipment from USPS, then why would you be updating your address details for them at all?
But even if you are: gflmr.cyou is certainly not the USPS and I highly doubt they would have errors like "package number number" and weird grammar like "because … is not clear, your package is not delivered" on their tracking website.
Scam. I get messages like this everyday and I know I don't have any USPS packages coming. Also a bit.ly link is super suss
Lmao I got this exact scam message and reported as spam as you should
I get a few of these every week. I used to just report and block, but lately I’ve been sending them messages that the delivery is important and that I’ll pay to have it expedited if they request money from me at <insert link to shock websites like meatspin or goatse>.
Their messages are probably automated without anyone monitoring it, and I haven’t gotten a response yet, but I’d like to think that a few of them have been tricked into staring at a photo of some dude’s giant asshole.
You should download the USPS Informed Delivery app and sign up for email notifications about your mail. These texts are scams and the government never contacts you outside of snail mail/email unless you specifically sign up for another way.
USPS will never text you unless you have your account set up that way. My mom sends me these texts asking if they're legit, and I always ask, "Did you order something?" No. "Well, then why would you have a delayed package?"
Again, USPS will not text you like this, and they use a .gov domain.
Even if you were set up like that, if they can't make out the recipient address, then they wouldn't even know to contact you.
In case of USPS, the only URL that looks suss is "usps.com", what are you thinking about? :)