WPO Image

Business Cybersecurity SMS Phishing

Cybersecurity for business is essential. The hackers are developing new viruses or systems to steal data or cause damage at an alarming rate.

A Correos SMS campaign was discovered in the middle of last monsoon. The purpose of the SMS campaign was to redirect the victim to a fake site. This technique of pretending to be a website or institution is known as phishing. It was designed to steal credentials, personal and bank details from the victim who clicked on the SMS link. This is an important case of SMS Phishing.

The message text looked like this:

Dear customer, Your package was not delivered on the 10th of November because customs fees ($1) have not been paid. Follow these instructions: http://Xhx.me/uZ4yZ (We have created a fake link in order to reduce risks).

Indicators for SMS spoofing

Let’s look at the message to see if there are any signs of falsification.

It includes a call-to-action to make a profit (receiving an email package). The link is a short URL that doesn’t respond to the website it claims it to be. In fact, hackers didn’t bother to “make up” this URL to make it look like email addresses. Finally, if you click on the link (which you should not do) it refers to a website that belongs to a different domain than the official website https://www.correos.com. The link is within the domain: https://correos.com.packageupdate.club Clearly it is a different domain (if it were the mail domain the URL would begin with https://www.correos.com/)

Hackers are skilled in finding the message in the same area where similar messages from SMS Post Office have appeared before (if they have been received).

Hackers managed to bypass the Post Office because they used an SMS identity theft system. You can send fake SMS from several pages. Another thing is that you are allowed to take the identity of the sender. For example, Smsgang / , Spofbox , or Pranktexts. Although these websites claim that they are a joke, many of the options offered by them would allow for illegal acts. Hackers use systems that allow you to change the FROM field in SMS messages. The user is convinced that he is receiving a message sent by a trusted sender.

Cybersecurity tips against phishing

We are confronted with fraudulent acts of this nature and we are sharing with you the following recommendations from the National Cybersecurity Institute.


  • Make sure you have an antivirus that protects your web pages and mail.
  • Make sure your antivirus and systems are up-to-date, and that the signatures are activated.

Be aware: Social engineering attacks (urgent and flattering messages) are coming soon.

VERIFY: Contact the sender via another means if you have any doubts regarding the authenticity of the message or its origin.

CHECK THE URLS: Before you click on any URL to enter your data, hover over it to verify its legitimacy and security (httpS:).

Beware of shortened URLS: You won’t know if the destination you are looking for is legitimate. They are not used by legal sites to request information.

BE AWARE OF FORMS:: Before you submit data to a website, make sure that you have read and understood the privacy policy as well as the legal notice.

AVOID ATTACHMENTS: Attachments can be downloaded in email, SMS, WhatsApp messages, or other social networks.

Be aware of downloading files. Never click on “enable content” when downloading files unless you are confident in the source.

DISTRUST OF UNKNOWN: You should not open any SMS or email from unknown users.

These recommendations will help you avoid falling for a hacker trying to steal your data. If this happens, don’t hesitate to inform your bank and the supplanted entity immediately.

WP Rocket - WordPress Caching Plugin

$3 Off for everyone, $50 back on orders over $50