You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you.

You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?
a. Reply to the message and ask for more information
b. Open the link to inspect the website
c. Delete the message
d. Open the link to provide the information

The Correct Answer and Explanation is:

The correct answer is c. Delete the message.

Here’s why:

The scenario described in the question is a classic example of a phishing attempt. Phishing is when malicious actors impersonate legitimate organizations (such as package shippers, banks, or online retailers) in an attempt to steal personal information, such as credit card details, login credentials, or home addresses.

Why is this message suspicious?

1. Unexpected Package: You are not expecting a package, which should be your first clue that something might be wrong. Legitimate companies typically send notifications only if you’re expecting a delivery or have made an order.
2. Urgency and Request for Personal Information: Phishing messages often create a sense of urgency to pressure recipients into acting quickly without fully thinking things through. In this case, the shipper claims that the package delivery is delayed due to missing information, which prompts the recipient to follow a link to resolve the issue. This urgency can make people more likely to act impulsively.
3. Shortened Link: The inclusion of a shortened link is another red flag. These links can obscure the true destination and direct you to a malicious website. Clicking on such links could compromise your personal information, install malware, or expose your device to security risks.

The Best Course of Action

Rather than opening the link or responding to the message, you should delete it immediately. Here’s what you can do:

• Do not reply to the message, as that could confirm to the scammer that your number is active and that you are a potential target.
• Do not open the link, since it could lead to a harmful website designed to steal your information.
• Report the message if necessary, especially if it was sent via email or text. Reporting can help others avoid similar scams.

If you are ever unsure about a suspicious message, contact the company directly through official channels (such as their customer service phone number or website) to verify whether there is indeed an issue with a delivery. Never trust unsolicited communication asking for personal or financial information.