Israel Post fake page in Hebrew detected

Posted byAnti-phishing Leave a comment on Israel Post fake page in Hebrew detected

Incident Report: This spoofed page was detected, analyzed, and contained firsthand by the Antiphishing.biz security team during our standard URL vetting operations. To protect the public, the dangerous destination URL has been safely deactivated within our infrastructure. We document and analyze these live visual patterns to help security researchers and users recognize deceptive clone designs before financial damage occurs.

Actual screenshot of "Israel Post fake page in Hebrew detected" phishing interface captured during link moderation on our platform.
Figure 1: Visual proof of the active phishing operation intercepted by our security systems.

Actual screenshot 2 of "Israel Post fake page in Hebrew detected" phishing interface captured during link moderation on our platform.
Figure 2: Visual proof of the active phishing operation intercepted by our security systems.

Thank you for the clarification. The two screenshots are indeed Hebrew‑language phishing pages impersonating a local courier or postal service (likely Israel Post or a similar carrier). The text appeared garbled in the automatic fetch, but the layout matches the classic two‑step delivery scam.

Threat Analysis: Hebrew Delivery Phishing – Personal Info & Card Harvesting

Step 1 – Personal Information Page
The victim is asked to provide:

  • Full name
  • Address, city, postal code
  • Phone number

Step 2 – Card Details Page
The second page requests:

  • Cardholder name
  • Full card number
  • Expiration date (MM/YY)
  • CVV security code

A small delivery fee is displayed (typically a few shekels) to make the payment seem trivial and urgent.

The goal:
The attacker collects:

  • Personal identity details for future fraud or identity theft
  • Full credit/debit card information to make unauthorized purchases or sell the data

Red flags:

  • Suspicious URL: The page is hosted on a domain that is not the official postal service website.
  • Request for CVV: A legitimate courier never asks for your card security code to collect a delivery fee.
  • Small fee trick: A negligible amount is used to lower suspicion.
  • No trackable package reference: The victim cannot verify the supposed shipment.

What to do:

  • Do not enter any personal or card information.
  • If you are expecting a delivery, track it directly by typing the official courier URL into your browser.
  • If you have already entered card details, contact your bank immediately to block the card.

Protective measures:

  • Never click links in unsolicited delivery messages.
  • Always go directly to the official courier website.
  • Enable transaction alerts on your bank account.

Leave a comment

Your email address will not be published. Required fields are marked *