I did not respond. One thing puzzles me, though. The web address starts with purolator.com and then has additional characters. I am under the impression that any address with purolator.comXXXXXXX would still be on the purolator.com site and not take you outside of it. Am I wrong? Is this not a .com site but a .vip site?
Received a Scam Text
- Thread starter George7941
- Start date
I did not respond. One thing puzzles me, though. The web address starts with purolator.com and then has additional characters. I am under the impression that any address with purolator.comXXXXXXX would still be on the purolator.com site and not take you outside of it. Am I wrong? Is this not a .com site but a .vip site?
.vip is the domain portion of the hostname so it will not be part of the legit purolator.com domain.
So... are you expecting a package from Purolator?
No. But I did receive a Purolator shipment a couple of days prior to this text.
I googled 63 area code and it is the Phillipines.
It's obviously spam/scam, but you also know this because the domain name, com-payhe.vip, was registered 3 days ago.
It's pretty common to spawn new domain names, frequently, for domains because no reputation (new) is better than a bad reputation. I actually block all domain names < 90 days old.
https://www.whois.com/whois/com-payhe.vip
It's pretty common to spawn new domain names, frequently, for domains because no reputation (new) is better than a bad reputation. I actually block all domain names < 90 days old.
https://www.whois.com/whois/com-payhe.vip
Each day I get spam texts and emails related to fraudulent activity on fill-in-the-blank. A regular occurrence are the ones from "PayPal" showing an invoice for hundreds of dollars was successfully processed, but if I don't recognize the transaction, call xxx.xxx.xxxx.
Another biggie is getting phone calls from what looks to be a bank or credit union's main phone number. This is of epic proportions and their real websites are warning all their customers to not answer any calls from what looks to be from them.
All unrecognized texts and emails are deleted without opening. My phone is set to only show calls from numbers in my contacts. Others go through another process which I can review later if needed.
Another biggie is getting phone calls from what looks to be a bank or credit union's main phone number. This is of epic proportions and their real websites are warning all their customers to not answer any calls from what looks to be from them.
All unrecognized texts and emails are deleted without opening. My phone is set to only show calls from numbers in my contacts. Others go through another process which I can review later if needed.
You only got one? Lucky.
I (almost) never answer a phone call from an unfamiliar phone number. If it's really important, they'll mail me a letter, lol
Or actually leave a real message
They almost got my wife on that one . She panicked and called the number . The guy told her to shut down her PayPal account . He would send her a link . She put him on hold and came and found me . I told her to hang up that bleeping phone immediately ! We had a long talk about scams and such .
Nearly every time I answer a call from a suspicious number it's a "police union" looking for donations, which is also a scam.
I occasionally get duped in to answering it because my work desk phone forwards to my work cell phone .... and if my work cell and personal cell are on the same wifi, both will ring. So, I answer my personal phone and it ends up being some vendor who wants to do business with us and is cold calling me, or the "police union" scam.
I occasionally get duped in to answering it because my work desk phone forwards to my work cell phone .... and if my work cell and personal cell are on the same wifi, both will ring. So, I answer my personal phone and it ends up being some vendor who wants to do business with us and is cold calling me, or the "police union" scam.
A dash is acceptable in a domain name it works the same as a letter or number. So as the others said, "com-payhe" is one word, like com3payhe or comxpayhe would be. It looks like "legitcompanyname.com" on the first inspection but it is not.
Any text or email coming from a legit company about ordering or shipping merchandise would include specific details like your name, order number, etc.
Any text or email coming from a legit company about ordering or shipping merchandise would include specific details like your name, order number, etc.
It's only the last part that matters:
purolator.com.somesketchysite.ru is taking you to a subdomain - which very literally anyone can make for their domains (I am a web developer) - of somesketchysite.ru. I get these all the time trying to lead me to resolve a conflict at my bank and the web address is my_actual_bank.ca.malicious_turd.ru. All they want is for you to input your credentials. You'd be greeted with a "Issue is resolved! Thanks!" message to allay your concerns and attention; and they've now got your username and password.
This is why was always always always always use 2-Factor Authentication.
purolator.com.somesketchysite.ru is taking you to a subdomain - which very literally anyone can make for their domains (I am a web developer) - of somesketchysite.ru. I get these all the time trying to lead me to resolve a conflict at my bank and the web address is my_actual_bank.ca.malicious_turd.ru. All they want is for you to input your credentials. You'd be greeted with a "Issue is resolved! Thanks!" message to allay your concerns and attention; and they've now got your username and password.
This is why was always always always always use 2-Factor Authentication.
Similar threads
