Security Notice: This spoofed page was detected, analyzed, and contained firsthand by the
Antiphishing.bizsecurity team during our daily link moderation procedures. To protect the public, the hostile origin link has been safely deactivated within our infrastructure. We document and analyze these live visual patterns to help security researchers and users detect replica fraud techniques before financial damage occurs.
This screenshot shows a German‑language phishing page using a small fee (€1.99) as a pretext to steal full credit card details (card number, expiration date, CVV) under the guise of a “tax” to reschedule a delivery.
Threat Analysis: Delivery Fee Phishing – Card Harvesting
How it works:
The victim receives an SMS or email claiming a delivery requires a small tax payment. The link leads to this page, which asks for:
- Full name
- Card number
- Expiration date
- CVV
A fake order number is displayed to appear legitimate.
The goal:
The attacker captures full card details for fraudulent transactions.
Red flags:
- Suspicious URL: The page is hosted on a domain that is not an official courier site.
- Request for CVV: A legitimate delivery service never asks for your card security code for a small fee.
- Small fee trick: €1.99 is a trivial amount intended to lower suspicion.
- No personalization: No real tracking number or address is referenced.
What to do:
- Do not enter any card details.
- If you are expecting a delivery, track it directly on the official courier website.
- If you have already entered card details, contact your bank immediately.
Protective measures:
- Never click links in unsolicited delivery messages.
- Never pay a “redelivery fee” via a link.
- Enable transaction alerts on your bank account.