Pickr
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap
No Result
View All Result
Pickr
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap
No Result
View All Result
Pickr
No Result
View All Result

How to unmask a Bitly text message scam

Leigh :) StarkbyLeigh :) Stark
May 14, 2022
Reading Time: 4 mins read
Share on TwitterShare on FacebookShare on LinkedInShare over email

It’s been some time since a scammer tried to pull one over us with Bitly’s link shortening service, but if you get one of these scams, here’s what to do.

Scammers will try anything to relieve you of money, because that’s how they roll, leaving you to do everything you can to foil their attempts and prevent them from doing just that.

Preventing scams from affecting your life isn’t always easy, and while security software doesn’t always help, education certainly can, giving you the know-how to beat the bad folks doing just that.

Much of this is simply being aware and knowing what not to click on, but sometimes, the scams are convincing because of how they land in your life.

Take the Australia Post scams that have been popping up lately, as scammers turn to spoofing the “AusPost” sender ID on phones and manage to land text message scams that look convincing enough in your mobile inbox. They’re happening somewhat regularly, and are getting more and more convincing, though there are some obvious giveaways, especially if they have a “bitly” link inside.

What do Bitly text scams look like?

You’ve probably heard of Bit.ly before, also known as “Bitly”, as it’s one of the web’s main shortening services. Essentially, Bitly shortens website links so they’re smaller, making them easier to send in messages and on social platforms.

Aside for the actual legitimate uses for Bitly, scammers like to rely on the service because:

  1. It’s free, and
  2. It makes their dodgy links look more convincing in texts.

Typically, we’d tell you that the obvious way to tell a scam in text messages is by looking at the website link. If a scammer is trying to convince you they’re the real version of Australia Post, they’ll typically do it with something that offers a similar name to what they’re trying to trick you with, such as a redeliverysite.com, or something convincing enough to trick you at a moment’s glance.

But when a link is masked by the link shortening service Bitly, our expectation is the link is legitimate because we can recognise Bitly from other uses online.

It looks more real, even if it isn’t. In fact, here’s what one looked like this week:

A fake AusPost message that's actually a scam.

A package has apparently been put on hold, but the language is still sketchy. Australia Post wouldn’t write “please re-delivery”, as that’s not English.

The link, however, is convincing because it’s a Bitly link. So how do you know what Bitly is masking? How do you know what Bitly is hiding?

How to unmask a Bitly link

Bitly does offer a way for anyone to see what’s behind one of its shortened links, and it comes simply by adding a plus sign to the end.

Simply put, if you want to see what a Bitly link is hiding, type in the Bitly web address, and before you hit enter, add a plus (+). When you do, Bitly will show you where it’s supposed to take you, which in the case of this scam, revealed this location. In this example, it would mean looking up https://bitly.com/3PnGH1m+, which reveals the real website behind it.

Where the Bitly link actually directs to: a scam that isn't Australia Post.

Not even a secure website (not that it would matter), the destination of supportauspost-com-au.top is not actually Australia Post’s real websites of auspost.com.au or mypo.st for package tracking.

In fact, if you do a WHOIS on the actual web address, you won’t find Australia Post behind it, but rather someone trying to be very private.

What happens if you do click on this Australia Post scam?

If you were to click on this Bitly-protected Australia Post scam, you’d be taken to what is clearly a phishing attempt and scam, with a thin mobile oriented website set up with a suggested parcel tracking code waiting for you, which when you click to the next step, asks you for credit card details.

This is pretty much the regular approach for post delivery scammers, with the suggestion of a retrying a delivery costing you money. That’s not actually what happens, but scammers keep trying it, with this so-called $1.99 cost not only nonsense, but primarily a way for them to snag your debit or credit card details.

If you put in a fake set of details, there’s no credit card check — because it’s fake — and it asks you for your address.

Don’t get yourself up to that point, though. If you end up accidentally clicking on an Australia Post scam, look at the website up top and see if it matches an actual Australia Post website.

And if that still doesn’t make sense, the moment a website asks for your card details to retry a delivery, close the window ASAP, because you’ve very likely landed yourself into a scam.

Leigh :) Stark

Leigh :) Stark

A technology journalist working out of Sydney, Australia, Leigh has written for publications including The Australian Financial Review, Popular Science, APC, and more since 2007, appearing on ABC Radio and TV on Nine. Check out his most recent media appearances.

ADVERTISEMENT

Related Posts

Scammers try a dark approach with coronavirus vaccine scams
Security

Google Drive goes on defence with anti-malware, anti-phishing

May 17, 2022
What fallout can we expect from the 2019 Facebook leak?
The Wrap - Australia's fastest technology roundup

The Wrap – Password protection and going on scam watch

May 7, 2022
How chatbot scams work
Online

Why passwords are problematic, but why we have trouble moving on

May 5, 2022
ADVERTISEMENT
  • Recommendations
  • Best Picks
  • Methodology
  • About
  • Media Appearances
  • Contact
Change the way you choose.

© 2016 to 2022 Publishr Pty Ltd: ACN 624 227 256
All rights reserved.

No Result
View All Result
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap

© 2016 to 2022 Publishr Pty Ltd: ACN 624 227 256
All rights reserved.