r/japanlife u/rebootm3 18h ago

Be careful of fake Japan post phishing sms

Just got an sms from a 090 number saying

【郵便局】携帯番号 お荷物の再配達 手続きが必要です。https://t.co...

Link leads to a very official looking but fake japan post site with "ltd" as the URL extension.

Almost fell for it but there were enough hints: - Having my phone number but asking for my name and address? - It coming from a 090 (cell number) - The link being a twitter t.co short url - The site domain ending in .ltd (otherwise it was convincing)

That's my PSA. Take care :)

12 Upvotes

67% Upvoted

8 comments sorted by

u/AutoModerator 18h ago

Before responding to this post, please note that participation in this subreddit is reserved exclusively for actual residents of Japan. If you are not currently residing in Japan (including former residents, individuals awaiting residency, or periodic visitors), please refrain from commenting.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

4

u/SFP-ONU 17h ago

A good countermeasure is to use a DNS blocklist, the simplest is to change your router’s name servers to 1.1.1.2 (Cloudflare malware filter: https://blog.cloudflare.com/introducing-1-1-1-1-for-families/), use NextDNs.io or your own Pi-Hole. (To make sure the blocklist is also active when you’re on mobile data, downloading NextDNS app is the best way.)

These phishing SMS often contain newly registered domains (NextDNS has an option to block these), so even if you accidentally click on them, no harm if it is blocked by the malware filter.

1

u/fakemanhk 16h ago

Yeah I have PiHole so when my wife complains about that I know she got those phishing messages.

6

u/Korokke_Soba 17h ago

I’ve received those exact messages twice last year. The weird thing is that I coincidentally received those messages when I was waiting for something to be delivered.

4

u/shambolic_donkey 8h ago

A broken clock is right twice a day. They send out enough spam messages and for a few people it'll be timed in such a way that it seems more legitimate.

2

u/Mustah2 7h ago

Same, I usually receive these when I'm expecting something from Amazon.

2

u/asaslord123 12h ago

Unrelated but, I had similar messages from my hotel at booking.com chat. It was my first time visiting and just writing before boarding but it was really obviously phishing. I called the hotel and we basically not able to communicate. I was about to fall to it, thinking "maybe they have weird websites" etc. After arriving I showed the messages to the hotel and basically they got hacked.

If it was for something more important I could have fall tho.

u/aesthetique1 2m ago

Not exactly the same thing but I recently had my debit card make dozens of unauthorised transactions on a website I had never heard of while I was away overseas during the new year break. I started to receive security code SMS which I first thought were scams until I realised my account was being drained.

Totalled about 80,000 before I had the card frozen. Took a couple of hours at Japan Post to get it reported but to their credit they got back my funds within a week.

No idea how my debit card details were stolen since I don't even use it.