SMS scam and phishing web sites
This post will describe the phishing campaign that target myself, among other individuals. In this review I will explain the reasoning (both technical and social) in assessing the validity of the sites, messages and the logic behind an attempt to obtain personal data from individuals. The whole story began when I received this SMS message on my mobile. The SMS itself looks pretty much regular, even though the URL it directs you to is not exactly what I'd expect from a courier company. Not only it does not contain the names of either DHL, FastTrack, Post or any similar courier, but rather obscure name (gh4). Anyway, this was not my primary trigger - my primary trigger was an "every day life practice" - I could not remember I purchased anything! So, first thing firs, I contacted my wife to check if we're expecting anything. No. Ok, something's weird here...Let's investigate. I started with simple domain lookups to see who owns this web site. Ok, not much ...