So, yesterday I almost got scammed. And, I never have fallen into a scam. But this time it was so personal and accurate that I think there’s a leak in either DHL (probably not) or Onefinity / Kirbre enterprises inc. (Most likely)
While tracking my order online on the official DHL page I got a status update “temporally -ON HOLD-“ not long after that I received an email with the status “on hold” and that I need to confirm payment details… And a phishing link… those assholes. Luckily Firefox gave me a warning when I clicked the link. Besides of the “waybill” number (it was not described as tracking number) everything checks out. I also already paid taxes and douane fees (was asked trough SMS message, which also made me scratch behind the ears, but all information checked out. But in hindsight, this could also be a scam), but if I didn’t already paid it and Firefox did not warn me, I might have fallen in to the scam.
So, this is too much of a coincidence for a random scam mail (searched my inbox, and I have never received a scam mail from DHL). So the scammer must know my tracking number and my email address. I don’t think you can retrieve an email address from a tracking number? So the information might come from a leak somewhere by Onefinity… I’m not pointing fingers, and it wouldn’t be the first time a big (DHL size) company has there security breached. But most likely it’s the small start-up company with less than desirable security. I also did not fill in my tracking number on any other website than the official Dutch DHL site (screenshot), and the tracking link send from Onefinity.
Anyhow… Be warned when receiving your shipment. Check, double check, triple check anything before you make a payment.
Sobering indeed. Recommend you send the raw email file (not what your app shows you) to Spamcop for analysis. This does seem highly targeted but if the waybill wasnot accurate, it is unlikely the information came from OF. Just pointing out another possible source for the information would your accounts/computer as well.
If it matters, I have received scam message masquerading as DHL, FedEx, UPS etc. Usually they are very obvious but occasionally they are well crafted.
It’s possible, it seems like a lot of work to scam me. They need to create a fake DHL website and a fake email specificly for me. No, this seems more like an automated process. Also the site pishing site was already blocked / warned by Firefox, so it looks like it was already a while online. Of course, it also could be that the already had a fake DHL site, but then they probably would use a new domain that was not blacklisted. And it would be a big coincidence that they hacked my mail and just received a DHL tracking code where they had a scamming site for.
Many thanks for your post satoer, im due delivery in a few weeks (early May), so will definitely keep an eye out for this, would not have crossed my mind to be honest so glad you brought it up
I had a scam attempted on me today. I a, selling my x50 woodworker on Facebook marketplace. someone came on and asked a few questions about the item told me where they were from different city not too far away and said they would come and pick it up. then they said the sent the money via PayPal. I looked for the email and found it in my spam account not too unusual but It just did not seem right WARNING do not call the number you see here. I only included it so you can be warned. I called it and some guy with a Foreign accent answered and began telling me again what was already in the scammer email. And notice what the return address is to send to PayPal. That is not their email at all. so, I just hung up and called the real PayPal. be careful out there
We encounter little problems while crediting your . You have a pending payment of $2,300.00 USD but we have a problem crediting your account with that amount because the status of your account is not a business account which makes your account have a limit and this amount seems to be above your limit, this will not make us credit your account until you expand your limit.
To fully expand your account to a business account, we would want you to contact the buyer of your item to send in an additional payment of $500.00 USD to your account now so that your account limit can be expand and as soon as this is done will credit fully into your account the total sum of $2,800**.00 USD…**
Note: An alert has been sent to the buyerin regard to theadditional payment he/she has to send to you, we will secure this transaction with high priority that neither the buyer nor the seller will lose in this transaction so once he/she has transferred the money to your account you’ll be notified in your email with the necessary steps to take for your account credited with a total sum of $2,800.00 USD
