2023-11-27 | Awas Modus

Beware of Social Engineering: Phishing Link Trap Delivery Fraud

As social engineering becomes a growing crime, it is important to be aware that the modus operandi is increasingly varied. The most popular one lately is by pretending to be a courier from a freight forwarding service. With one or two tricks up their sleeves, these fraudsters can trick their victims and drain their accounts. Moreover, for credit cardholders. This is because this method can also deceive victims who are unaware that their credit cards have been used for transactions. All of which can be done through messaging applications.

Learn more about social engineering so you can be more vigilant. Also, check out some tips to avoid similar crimes below.

What Is Social Engineering?

Social Engineering is a crime that attempts to manipulate the psychology of its victims by influencing their minds. This crime tends to take advantage of the victims’ errors and carelessness in navigating the cyberspace. Not surprisingly, the victims do not realize that they are being targeted by criminals.

Criminals often employ tactics that are quite personal to the victim. They can pretend to be a representative of a bank or even a courier from a delivery service. This will easily help gain trust from the victim.

This is where criminals can steal sensitive information belonging to the victim and use it to break into the victim’s bank account. Not only that, they can also use the victim’s credit card to make transactions since they already gain access to all the data.

Chronology of Social Engineering Using Fake Delivery Fraud

One popular method is pretending as a courier for an expedition service. This mode targets people who usually do online shopping. For some reason, the fraudster can contact potential victims who are waiting for the delivery of the items they ordered. The following is the chronology of social engineering using fake delivery fraud.

1. Notifying Late Delivery

Potential victims will get a message via SMS or WhatsApp on behalf of the delivery service. It informs that the delivery has been delayed due to various reasons, such as wrong address, weather disturbances, to overloaded shipments. The message will also inform the victim that a fee will be charged for the delivery.

2. Asking for a Regular Check

Unfortunately, the fake courier won’t tell you the estimated time for the package to arrive at the location. This makes the victim need to check it regularly. They will also send a link in their text messages to potential victims. They will convince their victims to click on the link to see where the package is.

3. Victims Do Not Check

As the victims are waiting for the package to arrive, they do not cross check whether the message comes from the actual service company or a fake courier. Credulous victims tend to click on links sent by unknown sources.

4. Link to Credit Card Transaction

The link will lead the victim to a certain website or application. This link also serves as a step to confirm the transaction using a credit card at one of the merchants.

5. Getting Credit Card Transaction Notification

The victims only realized after receiving a notification via email or SMS stating that a transaction had occurred at one of the merchants. The transaction also uses foreign currency.

Tips to Avoid Delivery Fraud

You can avoid a series of crime modes by increasing vigilance. Here are some tips that you can do to avoid social engineering attack.

1. Do Not Trust Easily

Since social engineering attacks have become more prevalent, you should not easily trust the information provided by unknown people. Do not immediately agree to everything requested by the sender.

2. Make Repeated Checks

If make a purchase from e-commerce, you can check through the application. You can see where the delivery process is. If there are problems, you will usually get an official notification via application or email.

3. Confirm to the Expedition Company

It’s also a good idea to contact the shipping company that delivers the package. Ask the status of your package delivery and the estimated arrival at the delivery address.

4. Don’t Click on Random Links and Share Sensitive Information

Most importantly, do not click on phishing links sent by an unverified sender, let alone share your private information such as your credit card data. You should at least wait until you know if the person sending the message is really a courier from an expedition company. So, try to make sure that the information is correct by doing the steps above.

5. Make Sure Not to Carelessly Input the OPT Code

In online credit transactions, an OTP code is received by SMS for the transaction execution process according to the merchant listed on the SMS. Be careful when you are being directed by someone to input the OTP code from the SMS on your phone. This means someone else is making a transaction using your credit card.

Equip yourself with information and knowledge about crime modes that are rampant in cyberspace. Learn about all the crimes on #AwasModus.