The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a lure about a wayward package that needs redelivery. Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients.
Louis Morton, a security professional based in Fort Worth, Texas, forwarded an SMS phishing or “smishing” message sent to his wife’s mobile device that indicated a package couldn’t be delivered.
“It is a nearly perfect attack vector at this time of year,” Morton said. “A link was included, implying that the recipient could reschedule delivery.”
Attempting to visit the domain in the phishing link — o001cfedeex[.]com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. But by loading it in a mobile device (or by mimicking one using developer tools), we can see the intended landing page pictured in the screenshot in the article below — returns-fedex[.]com.