Smishing Spamming Scamming Example

This SMS spam/phish/unwanted message came into my wife’s phone this morning:

The FedEx subject line reminds me of the story (https://blog.knowbe4.com/usps-and-fedex-phishing-attack-texts-flood-mobile-phones) KnowBe4 posted we posted a week ago.

The URL link was: d2fve.info/1SFQraoNGd

When I clicked on it in my VM session, it redirected to: https://open-message.site/us/ltl28/9265821337014.php?ts=all&cid=1602678796&sxid=9lo8605jzrjl&ttorigin=9lo8605jzrjl, which display the figure below:

I love the obvious incongruent linking…from an SMS text claiming to be from FedEx to a USPS survey. They don’t even try to make it realistic. Does anyone fall for this? Some people must or else the spammers and phishers would not send them.

It asked me seven “survey” questions about the USPS. I answered all 7 and was then offered all sorts of “gifts”. I’ve been through this drill many times before and it always leads to a “free” gift that turns out to be some almost hidden monthly billing arrangement that will end up costing someone who isn’t reading closely a lot of money. Most of the time when people who feel defrauded try to get back their money or stop the automated payments they legally agreed to, it’s a fight to the finish. I guess is that entities like this one make most of their money off denying as best they can refunds. Because if you pay close attention to the legal terms and conditions, somewhere the firm is usually stating the truth of what’s going to be billed and how. And if you agree to it…well…it’s much harder to get the money back or stop the payments than it was to agree to it in the first place.

And yes, that’s exactly what happened when I finished the survey. I was told I could pick among many gifts and to choose one (as shown below):

I love the fake reviews it included below the free gifts, like the one below.

For my gift I choose the tactical bag shown in the review above, and here’s what popped up.

It then took me to: https://www.preppedpatriotusa.com/sales-letter-bag and showed me the screen below.

Clicking on the “Yes, I Want a FREE Patriot Go Bag!” button took me to the screen shown below:

Hey, they just want my billing info for shipping and handling of my “free” bag. What could go wrong?

They are billing me $14.95 for “oversized S&H”? That sounds about right.

And they want to give me lots of FREE stuff (shown below) in addition to my free bag (as shown below).

Small disclosure on the purchase form, shown below, reveal a nearly hidden "gotcha" billing surprise.

So, my free “Patriot Go Bag”, which is a “gift” for me filling out the survey will cost me $14.95 and then $47 per month for automatically enrolling me in “The Patriot Alliance Online Academy? I wonder if that “academy” provides education on not being fooled by dump bait & switch scams?

So, the smishing attempt was more of a spamming/unwanted advertising bait&switch attempt. Not sure if they would do anything nefarious other than automatically enroll people for a $47/mo service that most probably didn’t want. There are millions of these unwanted advertisements, and anyone not paying attention is going to get bit.