As a blogger/media practitioner, brands and PR agencies send me different stuff at home — and most of the time, they would advise expecting a delivery. Of course, they will either ask for my delivery address or will confirm if my delivery address on their file still the same.
Late last week, out of the blue, I received this SMS advising that my “parcel is ready for delivery.” Kinda weird because I am not expecting any “parcel” or shipment of sorts.
With all precautions in place, I opened the link indicated on the SMS message I received from 09306102080:
Upon clicking on the link, I was presented with a website that at first glance one would believe something legitimately from the Philippine Postal Corporation (PHLPost). The neatly designed webpage showed that I have a pending delivery, complete with a “tracking code”. At this point, I was both in awe and disbelief at the “digital transformation” of the PHLPost. From being one of the worst government agencies to something as “efficient” as sending you an SMS to advise of an upcoming delivery, complete with a website component. But I am still NOT convinced that this is something legitimate.
After clicking on the “Track your item” button, a webpage containing the “package information” with status, shipping option, as well as the amount due as “Customs Fee” is shown on screen. Moving forward, I clicked on the “Schedule delivery now” button.
On the proceeding page, I am being asked how I would like to receive the item: delivered or collected? So, I opted to have the “item” collected at the collection point.
Surprise! The website tells me that the “parcel” is “already” at the depot. I’m just wondering “which depot” of the PHLPost will I have to claim this “package”? So I went back to the preceding page and opted to check on the delivery option.
I was then presented with two (02) options: have the item delivered (1) at home or (2) at work. I opted to have the “parcel” delivered at “work” — wherever it would be (LOL!).
The next page asked me when I want the delivery to happen (without asking the delivery address): on a weekday or a weekend. Wow! PHLPost now delivers during weekends?! How efficient!
So, I opted to have the “parcel” delivered at my “work” on a “weekend” — and true enough, the “Delivery Confirmation” page shows the date of 10 July 2021 (a Saturday), complete with expected time of delivery. The website also asked me to pay the Customs Duties of PHP56. Let’s dig further…
Clicking on the “Enter Shipping Information” button will bring you to a website hosted on another domain (dealsnowzDOTcom). This is where things start to look fishy. From a clean website making you believe that it is a legitimate PHLPost online service to something like what scammers and phishers use for their modus operandi! Notice how the PHP56 from the orignal website now reflects as PHP58.
So, I filled-up the form with dummy information for me to be able to click on the “Next” button. The next page will look like any ordinary payments page — at this point I stopped navigating through the website.
Do you think I will pay PHP58 (from PHP56) online using a credit card? No GCash nor PayMaya options?
I went back to the original website (tracebbDOTtrackingsystemDOTxyz) getting rid of all other data in the URL and I was shown a Cloudflare warning that it is a suspected phishing site. To confirm this suspicion, I reached out to PHLPost via email and this is what they had to say in a copy & paste manner:
A quick check on the WHOIS data for both domain names revealed that they were just registered this year (months ago). Both websites are also using Cloudflare.
To the perpetrators: nice try dude/dudette! Better luck next time 😉
To everyone, please be vigilant. Click on unknown links with caution. Be safe online (and offline).