Parcel Phishing scam impersonating Pos Malaysia

Scammers created SMS and emails to redirect users to a website supposedly to collect shipment packages. This time the victim company is Pos Malaysia. The website seem to suggest they are collecting shipping fees payment on behalf of Pos Malaysia.



The phishing website will then collect customer's credit card details, until the credit card security code also has to be keyed in.


Google Chrome and Edge Chromium doesn't seem to flag out the site as dangerous so we can assume that this is more a localized scam targeting Malaysians. I noticed the site certificate is from a cPanel CA. Cpanel certificates are generally used my personal blogs and websites, corporations normally do not use Cpanel certificates. Indeed, the hosting provider was GoDaddy which is a budget web hosting service used by individual bloggers. SME and corporations usually do not go for GoDaddy hosting. 


One more red flag was the domain was only recently registered and only 14 days old (not even 1 month).