This was a scam text, wasn't it?

Soldato
Joined
1 Apr 2014
Posts
19,180
Location
Aberdeen
The other day I got the text below:

Hermes: Please reschedule your delivery at https://hermes.check-reschedule-online.com before your item is returned to sender.

I was expecting something and it was the sort of thing to be delivered by Hermes. I've checked on who-calls.me.uk and the number has been searched a few times (but is likely spoofed anyway). And I checked the package tracking and it said it was being delivered by Royal Mail.

I've not clicked the link, but what almost caught me was that it's not the shortened link usual for such a fraud attempt I've usually received.
 
Yes it's a scam.
Gf nearly got caught by this one.

She was blaming the video doorbell for not picking up the delivery.


When I asked has she checked the tracking she said no! :(
So I asked how did she know it was a missed delivery.. "I got a text"
Was a tad disappointed. She was moaning she'd have to pay! So she had clicked the link.


I bet this is a profitable one!
 
The other day I got the text below:



I was expecting something and it was the sort of thing to be delivered by Hermes. I've checked on who-calls.me.uk and the number has been searched a few times (but is likely spoofed anyway). And I checked the package tracking and it said it was being delivered by Royal Mail.

I've not clicked the link, but what almost caught me was that it's not the shortened link usual for such a fraud attempt I've usually received.

It’s fake because the domain is “check-reschedule-online” and not Hermes
 
I had the exact same text 5 days ago.

'Coincidentally' I had a Hermes delivery due 5 days ago too.

I haven't had a hermes delivery or fake hermes text for at least a year prior to this.
 
Had the same text yesterday. Very nearly caught me out too, as the linked looked almost legit at first glance, and I know my girlfriend had been expecting a delivery.
However, the it showed as being from a phone number, whereas previous texts show as from "Hermes", and when I tried the link in Chrome, it was blocked.
 
It still should be obvious.
That is not the hermes domain.

It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.
 
It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.

How often do you go directly to a different source directly through?

You only go to a different domain from within OC you don't just jump into it from an email or a text.
 
It was obvious that it weasn't Hermes' domain, but outsourcing is a thing - you don't object to OCUK outsourcing payment processing to Worldcom, for instance - and Hermes are renowned for penny-pinching.

Payments are one thing - they’re secure systems which need higher security than most websites offer. Plus, they redirect from the source website.


Otherwise, outsourced APIs are generally loaded as scripts on the normal domain, such as a booking calendar.


I do understand your POV though - the Hermes bit does throw you at first. Just stay vigilant and apply strong logical reasoning and you’ll be pretty good for most scams :-)
 
I go through phases of getting loads of messages like this, but don't remember getting one where the link wasn't a shortened URL, so that is a bit of a difference. Can see how it might catch people out given it starts with 'hermes' and the number can be spoofed. Particularly because I don't think using subdomains used to be as common as it is now, so some people will just be looking for 'companyname.'.

Is a disgrace how widespread these sorts of scams are.
 
Back
Top Bottom