Fraudsters send thousands of messages pretending to be mail carrier Omniva
On Monday, thousands of people received a fraudulent message seemingly from mail company Omniva, asking package recipients to update their address. By clicking on the link at the end of the message, recipients were prompted to enter their credit card information to pay a service fee, in addition to updating their address.
On Monday, many people received a message ostensibly from Omniva stating that their package had been returned to the warehouse due to an incorrect address. However, this was not true; the message was part of a scam.
Urmet Tambre, head of the North Prefecture's criminal investigation bureau, explained how the scam works: "It's quite simple – mass SMS messages are sent to people with a link. When clicked, the link first asks for personal information and later requests a small payment, often under the pretext that the package couldn't be delivered or for some other reason related to updating the information. The person sees that it's a small amount and pays, but in reality, they are giving away their credit card details and the card is later emptied."
This particular scam was especially convincing because the message appeared to come from Omniva itself, arriving in the same folder as previous legitimate package notifications.
Mai Kraft, head of information security at Elisa, explained, "When sending an SMS, the sender can choose a phone number or a sender name. In this case, in addition to the phone number, the sender's name appeared as 'Omniva,' and that's why the message was displayed alongside previous legitimate Omniva messages in the messaging app."
This year alone, six phishing messages have been sent under Omniva's name.
The link included in the message should have raised suspicion.
"Be sure to check the link," advised Martti Kuldma, Omniva's head of innovation and technology. "If the link does not contain the 'omniva.ee' address, there's a high probability that it's a scam. Additionally, if a payment is requested, Omniva typically does not ask for money."
Mai Kraft from Elisa also suggested that companies should avoid including links in messages to prevent customers from having to discern whether a link leads to the correct service provider's page or a fraudulent one.
By Tuesday afternoon, the links in the messages had already been blocked and were no longer accessible, but the police urge people to remain very cautious.
--
Follow ERR News on Facebook and Twitter and never miss an update!
Editor: Valner Väino, Marcus Turovski