FedEx van during Christmas rush is driving through the streets in Gliwice, Poland. 23rd December, ... [+]
It’s not every day that a major shipping company tells you not to open a text message.
Just yesterday, FedEx posted on their Twitter feed about a text messaging scam that is both highly unusual and a bit disconcerting at the same time. Here’s the tweet:
Full disclosure here: I fell for the scam. I didn’t fill out any information or add personal info, and my phone blocked the scam, but I did click the message by mistake. That’s surprising even to me because I know full well not to click on anything that looks suspicious. Banks rarely email us out of the blue; what appears to be a free offer is probably a foreign hacker trying to steal your credit card.
And yet, it was FedEx. And I tend to receive messages about deliveries constantly.
It’s a ploy that might even trick the tech-savvy among us.
I haven’t looked back at every tweet, but in scanning through dozens of them I have not seen anything in the FedEx feed about previous texting scams. It must be working. To post a general-purpose message about the text scam must mean they are taking this seriously, and perhaps customers are letting them know they’ve been hacked.
Another reason the scam works, other than looking like a normal delivery text (with a tracking code and everything) is that it appears on our phones.
Spam is not as much of a concern for me these days since most of the messages go into a spam bucket. Texts seem to have more legitimacy — most of us think it’s unlikely anyone could know our phone number and scam us.
Companies will have to become even more proactive about these dangers. The fact that FedEx posted on their feed means we may see more of these warnings, with more details about what to do. For this scam, FedEx is asking customers to avoid clicking on the link in the message. The tweet explains how to report fraudulent messages and how to sign up for official texts.
What the tweet doesn’t quite cover is what to do if you were a victim of the scam — meaning, you not only clicked the link (like me) on your phone but you also went ahead and filled out the information. From the reports I’ve seen, if you do that, you can expect to be charged a monthly service fee approaching $100 per month. I would never hold FedEx accountable to this problem — any scammer can use the brand name and replicate the text message verbiage.
What is different this time is that the company is trying to notify the public at large by using their Twitter feed, which has about 284,000 followers. (That number seems extremely low to me, although I would say Twitter is not the first place I’d turn to for FedEx help.)
As social media becomes the primary channel for communication, as opposed to email or other means, we’ll likely see more security notices like this from companies like FedEx. It’s a step in the right direction, even though it didn’t stop me from clicking.
Note: FedEx did not immediately return a request for comment.
