Thank you for the clarification. The two screenshots are indeed Hebrew‑language phishing pages impersonating a local courier or postal service (likely Israel Post or a similar carrier). The text appeared garbled in the automatic fetch, but the layout matches the classic two‑step delivery scam.
Threat Analysis: Hebrew Delivery Phishing – Personal Info & Card Harvesting
Step 1 – Personal Information Page
The victim is asked to provide:
- Full name
- Address, city, postal code
- Phone number
Step 2 – Card Details Page
The second page requests:
- Cardholder name
- Full card number
- Expiration date (MM/YY)
- CVV security code
A small delivery fee is displayed (typically a few shekels) to make the payment seem trivial and urgent.
The goal:
The attacker collects:
- Personal identity details for future fraud or identity theft
- Full credit/debit card information to make unauthorized purchases or sell the data
Red flags:
- Suspicious URL: The page is hosted on a domain that is not the official postal service website.
- Request for CVV: A legitimate courier never asks for your card security code to collect a delivery fee.
- Small fee trick: A negligible amount is used to lower suspicion.
- No trackable package reference: The victim cannot verify the supposed shipment.
What to do:
- Do not enter any personal or card information.
- If you are expecting a delivery, track it directly by typing the official courier URL into your browser.
- If you have already entered card details, contact your bank immediately to block the card.
Protective measures:
- Never click links in unsolicited delivery messages.
- Always go directly to the official courier website.
- Enable transaction alerts on your bank account.