Malicious text message (USPS) Information only

xrobwx71 · Jun 26, 2024

I received a text message today copied below.

From a phone number with an Indonesian exchange of +62

It's supposedly from the USPS (United States Postal Service) ((with an Indonesian exchange))

U‏S‏‏‏‏PS Noti‏fication: Your par‏cel is temporar‏ily on hold at our facil‏ity due to insuffic‏ient ad‏dr‏ess infor‏mation. Please provide a valid de‏‏livery‏ addre‏ss to avoid returning the packa‏ge.
URL:Removed
Wishing you an exceptional day from the US‏‏‏P‏S tea‏m.

Congratulations! Your analysis is done and available at: https://www.hybrid-analysis.com/sam...6c061263802cf5a58fec28fedbb?environmentId=160

--- Falcon Sandbox Analysis Overview ---

https://www.hybrid-analysis.com/sam...f295b81bfcfb4318b46c061263802cf5a58fec28fedbb

--- Falcon Sandbox Analysis Summary ---

Analysis State: SUCCESS

Threat Verdict: malicious

Threat Score: 82/100

AV Detection Ratio: n/a

AV Family Name: n/a

Time of analysis: 2024-06-26 16:58:38

Contacted Domains: a.nel.cloudflare.com, cutt.ly, usom.mzlrpdma.top Contacted Hosts: 104.22.0.232, 172.67.189.63, 172.67.189.63, 35.190.80.1, 35.190.80.1

Environment: Windows 10 64 bit (ID: 160)

R0H1T · Jun 26, 2024

You can remove the url in the OP? Didn't check it here but what's malicious in it?

Bill_Bright · Jun 26, 2024

I am assuming you are not expecting a package from Indonesia.

I would have immediately blocked the number and deleted the message.

Deleted member 229121 · Jun 26, 2024

Just block it, I was getting bogus UPS texts for months a while back.

xrobwx71 · Jun 26, 2024

I've posted this experience on about 7 sites I'm a member of in the hopes it will help steer at least one person clear of being phished.

Bill_Bright said:
I am assuming you are not expecting a package from Indonesia.

I would have immediately blocked the number and deleted the message.

I am not and I did.

dirtyferret · Jun 26, 2024

Maybe it's that Nigerian prince finally sending you that check by way of Indonesia? You should definitely contact it.

I've received BS texts from UPS & USPS.
I've even received BS phone calls from Amazon that had the Washington state area code as Amazon corporate calls do. Thing is I work with them and I know their security questions they ask when they do call me. I asked them to verify the email address on my account (basic question) and the lady just hung up on me.

JIWIL · Jun 26, 2024

The chances of someone accidentally clicking that url are much higher than the chances of someone being saved by this thread. Just.. you know.

xrobwx71 · Jun 26, 2024

R0H1T said:
You can remove the url in the OP? Didn't check it here but what's malicious in it?

Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'https://cutt.ly/repmWkJb?BKK=FH5CsqGHpl%3Fbqy%3DcypMvfnNhc'

Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.

www.hybrid-analysis.com

Ivan Bliminse · Jun 26, 2024

I get those texts and emails at least three times a month, i just ignore & delete them..!

Toothless · Jun 26, 2024

If someone clicks a link from a sketch text that's their fault. The best protection is common sense.

Bill_Bright · Jun 26, 2024

xrobwx71 said:
I am not and I did.

A Computer Guy · Jun 26, 2024

Double-Click said:
Just block it, I was getting bogus UPS texts for months a while back.

Same here.

Bill_Bright · Jun 27, 2024

I think we all - me included - missed the point @xrobwx71 was making - even though it is right there in the title of this thread.

He knew it was a scam. He did not and was not tempted to fall for it. He did NOT follow the links. He demonstrated how he used Hybrid Analysis to breakdown and analyze the message, confirming what he already knew - that it was indeed, malicious and not just a "wrong number". Then he deleted it.

The point was, xrobwe71 took the opportunity to remind us all, including the newest, the less experienced and future readers too, that these scams are out there. And I thank you for that!

My personal apologies in particular to xrobwx71 since I've known you for years from another site where we are both on the staff - and where I know your advanced expertise. I should have picked right away that you were alerting readers to these threats - and not inquiring about them.

dirtyferret · Jun 27, 2024

Appreciate the warning, unfortunately scamming people has a very long history and technology simply allows new scams to appear and target people from all over the world.

Now if you excuse me there is a guy in van in our parking lot who needs to get rid of pair of speakers someone refused to buy on delivery and his boss will be really mad if he comes back with them. I think I may get a great deal on them!

bonehead123 · Jun 27, 2024

dirtyferret said:
Now if you excuse me there is a guy in van in our parking lot who needs to get rid of pair of speakers someone refused to buy on delivery and his boss will be really mad if he comes back with them. I think I may get a great deal on them!

Yep, just like that fella that tried to sell me a $3k set of 4 flashy new bling bling 32" rims for my SUV, for ONLY $500....

And guess what.... My son & I grabbed them off the ground & ran away without paying him a dime, hahahaha..

n.O.t... j/k

Actually we just said no thanks, walked away, & called the polizei as soon as we were out of sight !

Also just wondering if any of you who received these texts have reported this scam attempt to the carriers/companies etc ?

I certainly do, even though I realize it will probably get lost in the mountains of garbaggio that they get every day...

xrobwx71 · Jun 28, 2024

Bill_Bright said:
I think we all - me included - missed the point @xrobwx71 was making - even though it is right there in the title of this thread.

He knew it was a scam. He did not and was not tempted to fall for it. He did NOT follow the links. He demonstrated how he used Hybrid Analysis to breakdown and analyze the message, confirming what he already knew - that it was indeed, malicious and not just a "wrong number". Then he deleted it.

The point was, xrobwe71 took the opportunity to remind us all, including the newest, the less experienced and future readers too, that these scams are out there. And I thank you for that!

My personal apologies in particular to xrobwx71 since I've known you for years from another site where we are both on the staff - and where I know your advanced expertise. I should have picked right away that you were alerting readers to these threats - and not inquiring about them.

No apology is ever necessary Bill. But Thanks anyway.

Count von Schwalbe · Jun 29, 2024

I have one from Myanmar and one from Vietnam; no luck yet getting one from Indonesia.

Bill_Bright · Jun 29, 2024

xrobwx71 said:
No apology is ever necessary Bill. But Thanks anyway.

If I jump to the wrong conclusion (as I did) it is only right to admit it.

So as you said, "But Thanks anyway."

System Name	EventHorizon
Processor	Intel® Core™ Processor i9-13900KF 8P/16 + 16E 3.00GHz [Turbo 5.7GHz] 36MB Cache LGA1700
Motherboard	ASUS PRIME Z790-P
Cooling	CyberpowerPC MasterLiquid Lite 240mm ARGB CPU Liquid Cooler
Memory	32GB (16GBx2) DDR5/6000MHz Dual Channel Memory (KINGSTON FURY BEAST RGB)
Video Card(s)	GeForce RTX™ 4080 16GB
Storage	2TB WD BLACK SN850X (PCIe Gen4) NVMe M.2 SSD - Seq R/W: Up to 7300/6600 MB/s, Rnd R/W up to 1200/110
Display(s)	LG 34''
Case	CyberPowerPC HYTE Y60 Dual Chamber Mid-Tower Gaming Case w/ Panoramic View Tempered Glass + 2x120mm
Audio Device(s)	SteelSeries Sonar
Power Supply	High Power 1300W 80+ GOLD Full Modular w/ PCIE 12+4Pins Connector for PCIe 5.0 graphics cards
Mouse	Steelseries Rival 600 wired
Keyboard	Steelseries Apex 7 TKL red Switch
Software	Win 11 Pro

System Name	Brightworks Systems BWS-6 E-IV
Processor	Intel Core i5-6600 @ 3.9GHz
Motherboard	Gigabyte GA-Z170-HD3 Rev 1.0
Cooling	Quality Fractal Design Define R4 case, 2 x FD 140mm fans, CM Hyper 212 EVO HSF
Memory	32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s)	EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage	Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s)	Samsung S24E650BW LED x 2
Case	Fractal Design Define R4
Power Supply	EVGA Supernova 550W G2 Gold
Mouse	Logitech M190
Keyboard	Microsoft Wireless Comfort 5050
Software	W10 Pro 64-bit

System Name	EventHorizon
Processor	Intel® Core™ Processor i9-13900KF 8P/16 + 16E 3.00GHz [Turbo 5.7GHz] 36MB Cache LGA1700
Motherboard	ASUS PRIME Z790-P
Cooling	CyberpowerPC MasterLiquid Lite 240mm ARGB CPU Liquid Cooler
Memory	32GB (16GBx2) DDR5/6000MHz Dual Channel Memory (KINGSTON FURY BEAST RGB)
Video Card(s)	GeForce RTX™ 4080 16GB
Storage	2TB WD BLACK SN850X (PCIe Gen4) NVMe M.2 SSD - Seq R/W: Up to 7300/6600 MB/s, Rnd R/W up to 1200/110
Display(s)	LG 34''
Case	CyberPowerPC HYTE Y60 Dual Chamber Mid-Tower Gaming Case w/ Panoramic View Tempered Glass + 2x120mm
Audio Device(s)	SteelSeries Sonar
Power Supply	High Power 1300W 80+ GOLD Full Modular w/ PCIE 12+4Pins Connector for PCIe 5.0 graphics cards
Mouse	Steelseries Rival 600 wired
Keyboard	Steelseries Apex 7 TKL red Switch
Software	Win 11 Pro

Processor	faster at instructions than yours
Motherboard	more nurturing than yours
Cooling	frostier than yours
Memory	superior scheduling & haphazardly entry than yours
Video Card(s)	better rasterization than yours
Storage	more ample than yours
Display(s)	increased pixels than yours
Case	fancier than yours
Audio Device(s)	further audible than yours
Power Supply	additional amps x volts than yours
Mouse	without as much gnawing as yours
Keyboard	less clicky than yours
VR HMD	not as odd looking as yours
Software	extra mushier than yours
Benchmark Scores	up yours

Processor	7600x -- 8600k
Motherboard	MSI B650 -- ASRock z370
Cooling	TR PA120 -- CM212
Memory	2x16GB -- 2x8GB
Video Card(s)	PNY 4080 -- Zotac 2080ti
Display(s)	LG C3 (42) + Acer XB271HU -- Sony X950H (49)
Case	Torrent Compact Steel Panel -- Define R2
Power Supply	BeQuiet Darkpower13 750 -- Seasonic X750
Keyboard	Epomaker TH80SE/EK21 -- Logi G710+
Software	Win10 (both)

Malicious text message (USPS) Information only

xrobwx71

R0H1T

Bill_Bright

Deleted member 229121

Guest

xrobwx71

dirtyferret

JIWIL

xrobwx71

Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'https://cutt.ly/repmWkJb?BKK=FH5CsqGHpl%3Fbqy%3DcypMvfnNhc'

Ivan Bliminse

Toothless

Tech, Games, and TPU!

Bill_Bright

A Computer Guy

Bill_Bright

dirtyferret

bonehead123

xrobwx71

Count von Schwalbe

Nocturnus Moderatus

Bill_Bright

System Name	Scan 3XS System
Processor	Intel Core i7 11700K
Motherboard	ASUS TUF GAMING Z590-PLUS WIFI
Cooling	Corsair Hydro H150i ELITE CAPELLIX RGB
Memory	64GB Kingston FURY Beast DDR4 3200Mhz
Video Card(s)	10GB EVGA GeForce RTX 3080 XC3 ULTRA GAMING
Storage	256GB EN605 M.2 SSD, 240GB Kingston SSD, 1TB Lexar NQ790 SSD, 1TB Samsung 970 SSD, 2TB Seagate HDD.
Display(s)	Samsung C32JG5x Curved, 1080p, 1920 x 1080
Case	Corsair iCUE 4000X RGB
Power Supply	Corsair RM750x 80PLUS GOLD
Mouse	Razer Mouse
Keyboard	ROCCAT Horde
Software	Microsoft Windows 11 Pro 64-Bit 24H2

System Name	Veral
Processor	7800x3D
Motherboard	x670e Asus Crosshair Hero
Cooling	Thermalright Phantom Spirit 120 EVO
Memory	2x24 Klevv Cras V RGB
Video Card(s)	Powercolor 7900XTX Red Devil
Storage	Crucial P5 Plus 1TB, Samsung 980 1TB, Teamgroup MP34 4TB
Display(s)	Acer Nitro XZ342CK Pbmiiphx, 2x AOC 2425W, AOC I1601FWUX
Case	Fractal Design Meshify Lite 2
Audio Device(s)	Blue Yeti + SteelSeries Arctis 5 / Samsung HW-T550
Power Supply	Corsair HX850
Mouse	Corsair Harpoon
Keyboard	Corsair K55
VR HMD	HP Reverb G2
Software	Windows 11 Professional
Benchmark Scores	PEBCAK

System Name	Still not a thread ripper but pretty good.
Processor	Ryzen 9 7950x, Thermal Grizzly AM5 Offset Mounting Kit, Thermal Grizzly Extreme Paste
Motherboard	ASRock B650 LiveMixer (BIOS/UEFI version P3.08, AGESA 1.2.0.2)
Cooling	EK-Quantum Velocity, EK-Quantum Reflection PC-O11, D5 PWM, EK-CoolStream PE 360, XSPC TX360
Memory	Micron DDR5-5600 ECC Unbuffered Memory (2 sticks, 64GB, MTC20C2085S1EC56BD1) + JONSBO NF-1
Video Card(s)	XFX Radeon RX 5700 & EK-Quantum Vector Radeon RX 5700 +XT & Backplate
Storage	Samsung 4TB 980 PRO, 2 x Optane 905p 1.5TB (striped), AMD Radeon RAMDisk
Display(s)	2 x 4K LG 27UL600-W (and HUANUO Dual Monitor Mount)
Case	Lian Li PC-O11 Dynamic Black (original model)
Audio Device(s)	Corsair Commander Pro for Fans, RGB, & Temp Sensors (x4)
Power Supply	Corsair RM750x
Mouse	Logitech M575
Keyboard	Corsair Strafe RGB MK.2
Software	Windows 10 Professional (64bit)
Benchmark Scores	RIP Ryzen 9 5950x, ASRock X570 Taichi (v1.06), 128GB Micron DDR4-3200 ECC UDIMM (18ASF4G72AZ-3G2F1)

System Name	The Little One
Processor	i5-11320H @4.4GHZ
Motherboard	Beelink/AZW SEI
Cooling	Fan w/heat pipes + side & rear vents
Memory	64GB Crucial DDR4-3200 (2x 32GB)
Video Card(s)	Iris XE
Storage	WD Black SN850X 8TB m.2, Seagate 4TB SSD + SN850 8TB x2 in an external enclosure
Display(s)	2x Samsung 43" + 1x 32"
Case	Practically identical to a mac mini, just purrtier in slate blue, & with 3x usb ports on the front !
Audio Device(s)	No-name compact bluetooth speakers
Power Supply	65w brick
Mouse	Logitech MX Master 3
Keyboard	Logitech G613 mechanical wireless
VR HMD	Whahdatiz ???
Software	Windows 10 pro, with all the unnecessary background shitzu turned OFF !
Benchmark Scores	PDQ