This was a scam text, wasn't it?

Soldato
Joined
1 Apr 2014
Posts
18,540
Location
Aberdeen
The other day I got the text below:

Hermes: Please reschedule your delivery at https://hermes.check-reschedule-online.com before your item is returned to sender.

I was expecting something and it was the sort of thing to be delivered by Hermes. I've checked on who-calls.me.uk and the number has been searched a few times (but is likely spoofed anyway). And I checked the package tracking and it said it was being delivered by Royal Mail.

I've not clicked the link, but what almost caught me was that it's not the shortened link usual for such a fraud attempt I've usually received.
 
Caporegime
Joined
13 Jan 2010
Posts
32,495
Location
Llaneirwg
Yes it's a scam.
Gf nearly got caught by this one.

She was blaming the video doorbell for not picking up the delivery.


When I asked has she checked the tracking she said no! :(
So I asked how did she know it was a missed delivery.. "I got a text"
Was a tad disappointed. She was moaning she'd have to pay! So she had clicked the link.


I bet this is a profitable one!
 
Soldato
Joined
14 Apr 2014
Posts
6,575
Location
Sunny Sussex
The other day I got the text below:



I was expecting something and it was the sort of thing to be delivered by Hermes. I've checked on who-calls.me.uk and the number has been searched a few times (but is likely spoofed anyway). And I checked the package tracking and it said it was being delivered by Royal Mail.

I've not clicked the link, but what almost caught me was that it's not the shortened link usual for such a fraud attempt I've usually received.

It’s fake because the domain is “check-reschedule-online” and not Hermes
 
Soldato
Joined
5 Apr 2009
Posts
24,796
I had the exact same text 5 days ago.

'Coincidentally' I had a Hermes delivery due 5 days ago too.

I haven't had a hermes delivery or fake hermes text for at least a year prior to this.
 
Soldato
Joined
18 Oct 2004
Posts
10,583
Location
Kent
Had the same text yesterday. Very nearly caught me out too, as the linked looked almost legit at first glance, and I know my girlfriend had been expecting a delivery.
However, the it showed as being from a phone number, whereas previous texts show as from "Hermes", and when I tried the link in Chrome, it was blocked.
 
Soldato
OP
Joined
1 Apr 2014
Posts
18,540
Location
Aberdeen
It still should be obvious.
That is not the hermes domain.

It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.
 
Caporegime
Joined
13 Jan 2010
Posts
32,495
Location
Llaneirwg
It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.

How often do you go directly to a different source directly through?

You only go to a different domain from within OC you don't just jump into it from an email or a text.
 
Soldato
Joined
14 Apr 2014
Posts
6,575
Location
Sunny Sussex
It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.

Payments are one thing - they’re secure systems which need higher security than most websites offer. Plus, they redirect from the source website.


Otherwise, outsourced APIs are generally loaded as scripts on the normal domain, such as a booking calendar.


I do understand your POV though - the Hermes bit does throw you at first. Just stay vigilant and apply strong logical reasoning and you’ll be pretty good for most scams :)
 
Soldato
Joined
3 Apr 2009
Posts
3,973
Location
Warrington
I go through phases of getting loads of messages like this, but don't remember getting one where the link wasn't a shortened URL, so that is a bit of a difference. Can see how it might catch people out given it starts with 'hermes' and the number can be spoofed. Particularly because I don't think using subdomains used to be as common as it is now, so some people will just be looking for 'companyname.'.

Is a disgrace how widespread these sorts of scams are.
 
Back
Top Bottom