Fake Emirates Post pages detected

Posted byAnti-phishing Leave a comment on Fake Emirates Post pages detected

Threat Analysis: Emirates Post Phishing – Small Fee & Card Harvesting

How it works:
The victim receives an SMS, email, or messaging app alert claiming a package requires a small delivery fee or customs payment. The link leads to this page, which mimics the Emirates Post payment interface. The victim is asked to provide:

  • Cardholder name
  • Full card number
  • Expiration date (MM/YY)
  • CVV security code

Logos for Verified by Visa, MasterCard SecureCode, and PayPal are displayed to create a false sense of security. A small amount (AED 12.15) is shown to make the payment seem trivial.

The goal:
The attacker captures complete credit/debit card information (number, expiry, CVV) along with the cardholder’s name to make fraudulent purchases or sell the data.

Red flags to watch for:

  • Suspicious URL: The page is hosted on kaeru.happyspotclub.org, not emiratespost.com or any official Emirates Post domain.
  • Request for CVV: A legitimate postal service never asks for your card security code to collect a delivery fee.
  • Small fee trick: AED 12.15 is a trivial amount intended to lower suspicion.
  • No tracking or package reference: The victim cannot verify the supposed shipment.
  • Copied payment logos: The Visa, MasterCard, and PayPal badges are used to appear legitimate but do not guarantee safety.

What to do if you encounter this:

  • Do not enter any card or personal information.
  • If you are expecting a delivery, track it directly by typing emiratespost.com into your browser.
  • If you have already entered card details, contact your bank immediately to block the card.
  • Report the phishing page to Emirates Post Group and to the relevant authorities.

Protective measures:

  • Never click links in unsolicited delivery messages. Always go directly to the official courier website.
  • Never pay a “redelivery fee” via a link. Legitimate fees are handled in person, through the official app, or after logging into your account.
  • Check the URL carefully: Official Emirates Post domains end with emiratespost.com. Look for misspellings, extra words, or unusual top‑level domains.
  • Enable transaction alerts on your bank account.

Leave a comment

Your email address will not be published. Required fields are marked *