UPS Text Scam – How to Avoid getting Phished?

Today I received a text on my business phone that peaked my interest. It said:

#UPS EXPRESS
– Your package has arrived but we were unable to deliver it. Follow the link for details (weblink)

I do receive a number of packages on a regular basis, both for personal and business purposes so getting a text from UPS is not out of the ordinary. The caller ID on the text looked strange, but I decided to click the link.

Lesson 1: Look and the phone numbers and caller-ID info for the sender. While not always accurate, it can give you a heads up to scams.

I was presented with a UPS tracking page that had a tracking number and indicated that a package had been received at a warehouse, delivery was attempted and now the package was back at the warehouse. It looked very official.

UPS Unable to Deliver - Text Scam

I’ve received a lot of business packages recently, but I couldn’t think what was still on the way. I have a splitting headache today, but still I noticed my Spidey-sense tingling…something wasn’t right. I looked at the message again —

Lesson 2 – look twice (or more) before clicking!

Because I do look at a lot of tracking info, I noticed that there were no locations in the updates — Warehouse? Where? In what state? This was too vague. Time to look this over with more scrutiny..

That URL… UPS.8359834236.com – that’s UPS, right? NO. Domains are not about the start — they are are about end. It’s the last two bits that matter – in this case, 8359834236.com – that’s NOT UPS. Still…let’s be sure. At this point I copied the legit looking tracking number and put into Google…nothing. So, I opened a new web browser and went directly to UPS.com and put in that tracking number…no such number!

Lesson 2b – Always check the URL carefully. Legit companies have legit URLs…check them carefully.

Now knowing 100% that this was a scam, I decided to “schedule a new delivery” because I wasn’t sure of the scam type yet. Clicking the link opened an new “UPS” page with a Captcha — you know the things you have to click to prove you are a human? Why would a scam site have a Captcha? This was a nice touch! Next I was presented with the following:

This is logical — if there was a delivery issue, it would make sense to update the address. This gives the scammer a wealth of information that they didn’t have before. Now they have your name and address (billing address) and possibly a new phone number.

Oh, and what’s that? A $2 charge for a package redirect? Well, of course, I want my package (even though I don’t know what it is) – $2 is a small price to pay… I filled out the form with fake (but harmless) information and went to the next step.

And there we go – you enter your credit card number and pay the scammer. Remember, you just gave them all your billing info on the prior page. Will the charge be $2? More? Who knows. Might only be $2 — but if they get away with this many times, that’s a big win. Plus, they now will sell all the information you just gave them, including your credit card information on the dark web.

Oh, and if you were wondering, the website is supposed registered to a company in Reykjavik. That’s not UPS headquarters. 😉

As always… stay skeptical and safe out there.

Copyright © 2019 KellTech Services, LLC. All right reserved