Pretty much anyone who lives in Israel has heard of Doar Yisrael, Israel's national postal company. Doar Yisrael, or Israel Post in English, has been the subject of more complaints to Israel's government ombudsman than literally any other government institution, as well as some pretty hilarious skits on the Israeli internet. Having been an online ordering addict since pretty much the day I arrived in Israel, I actually have mostly good things to say about them. My stuff pretty much always makes it to my address, and as I discussed in my video about the cost of living in Israel, it's certainly one way to cut down on the high expenses entailed in living here.

A more recent reason that Doar Yisrael has made headlines in Israel, however, is the high volume of phishing scams that the company is subjected to. Phishing is a type of social engineering exploit in which hackers, fraudsters, and petty criminals pretend to be somebody they're not. They typically do this by creating web pages that mimic the branding and look and feel of a well-known organization like Israel Post.

To move outside of the Israeli context for just a minute, let's imagine that a fraudster creates a website that looks just like Facebook. He might send you an email message that looks just like a real Facebook notification, and hope that you don't notice that the URL, that's the web address, is actually slightly different. Once you've signed into the fake Facebook, even if you then realize you've been conned, it's too late. The hacker has collected your username and password. In the worst-case scenario, he can then use those credentials to plunder all your other online assets. This is one reason why using two-factor authentication is such an important step.

Let's imagine how a hacker might apply this to Doar Yisrael notifications. Doar Yisrael, or Israel Post as I'll just call it so you can stop hearing my terrible Israeli accent, is of course a real and very legitimate government entity.
Like any postal service, it sometimes needs to collect customs fees from customers. And like any other government agency, it needs some way of informing customers that these charges are due. So it sends out SMS messages and emails advising customers about charges owing. The problem is that it isn't super difficult for a fraudster to attempt to reverse engineer this situation for nefarious ends.

Phishing is essentially a numbers game. Let's say that you have 1,000 known phone numbers in Israel. Perhaps 990 of those recipients will realize that your message is a con, or never even see your phishing attempt because the message was detected by their spam filters. But even if only 10 of your recipients hand over their credit card details, the scam could be highly lucrative.

I decided to make this video because while I consider myself reasonably tech savvy, I know that tech isn't everyone's cup of tea. I've read repatriation stories on social media groups about elderly people being robbed of substantial chunks of money by fraudsters who often leave no hint of their existence in their wake. I put together this video to pass on a few tips to help differentiate between bona fide communications from Doar Israel and flat-out scams. To do this, I'm going to use some phishing SMS messages and emails that I have [unintelligible]
Most legitimate messages that I've received from Doar Yisrael appear as Israel Post in the from field. I've seen some variations on this, such as Israel Post with an underscore between the two words. An orange to red flag to watch out for would be if the from field appears to be a private phone number but the message purports to be a bulk notification method from Doar Yisrael. For instance, if the message was sent from a number beginning with a prefix like 054 or 058, this may indicate that the message is phishing.

Detecting phishing is about having an appropriate index of suspicion. There's no need to panic at the first indication that a message may not be legitimate. Rather, it's the sum total of a few indications that usually makes it obvious whether you're dealing with phishing or something legitimate.

Red flag two is errors in Hebrew. I've mentioned in plenty of my videos that I'm learning Hebrew and moved here from Ireland at the age of 25. Because my Hebrew isn't perfect, I unfortunately don't want to share too many examples. However, the type of grammar and spelling errors that I've seen in bad Doar Yisrael phishing attempts were bad enough that even I could spot them. Notification methods from Doar Yisrael that are communicated in Hebrew are written by a native Hebrew speaker. If you see obvious misspellings or faulty grammar, then this is a very strong indication that the message may be phishing.

Red flag three: non-official URLs and link shorteners. When we discuss phishing messages sent by email, I'll share a bit more detail about inspecting the sender field. Doar Yisrael operates a URL, that's a website, called israelpost.co.il. Postil.com is also a real official domain that Doar Yisrael owns and operates, although it's mostly used for hosting email addresses. If your message from Doar Yisrael contains any links, whether by text or email, then check whether these links are to Doar's official websites.
Don't forget that buying domains that look very similar to the real thing is incredibly easy. I just ran a search on GoDaddy, which is a popular domain reseller, for israelpostils.com. I could have bought it for about $10. This is precisely the kind of URL that a would-be phishing criminal would be interested in purchasing. It looks close enough to the real thing that many people quickly glancing at their phone during a busy day simply wouldn't notice a difference.

Another favorite practice of Doar Yisrael phishing scammers seems to be disguising phishing links through link shorteners such as bit.ly. These are web links that begin with bit.ly, that's bit.ly. Again, to be clear about this, bit.ly is a perfectly legitimate website, but it allows phishing operators to easily create redirections to malicious websites that at first glance don't look all that bad or obvious.

Red flag four: shady graphics. Another thing that phishing operators seem to be unusually good at is creating logo graphics for the organization they're pretending to be that just look kind of amateurish. Doar Yisrael shared a few such attempts on their web resource, which I'll link to in the video description. It is in Hebrew, but they share a few useful examples of common tactics they've seen reported by their customers. The commonality here is that the hackers do a poor job at trying to replicate the look and feel of official legitimate correspondence. Look for the slightly wrong tone of red, or an email from Doar that actually uses a wrong logo. These subtle cues can indicate that something is amiss.

Email scams. Doar Yisrael sends notifications to customers through email, SMS, and slips of paper. I've been buying things from Amazon, AliExpress, and eBay for many years and have received probably thousands of legitimate notifications from Doar. Some tell me that a package has arrived to my nearest post office. Less commonly I get notified that I have that or VAT to pay.
There seems to be no rhyme or reason why some of these notifications arrive only by email, others by SMS, and some by both. So the sending method alone isn't a clue that something is up. For scammers, whether to use SMS or email probably depends on what kind of illicit contact list they can buy. But if they're using email as their channel, there are a couple of easy ways for potential victims to make sure they don't fall into a trap.

Firstly, check the sending address of any email that purports to be a notification from Doar. As I explained before, this should emanate from either of the official Doar Yisrael domain names. Because it's possible to spoof domain names, which means that hackers make it look like they're sending from a domain they don't actually own, it's also occasionally worth clicking into Show Original Message to make sure that the email isn't actually coming from another website. Finally, when hackers try to spoof domain names, email clients like Gmail tend to warn users that something is amiss about the message. Commonly you'll see a red warning indicating that this message might be a phishing attempt. This is a very, very strong indication it really is.

If you encounter a phishing email from Doar and you're certain it's not genuine, please click the report as spam button to help other users avoid falling into a similar fate, and also consider reporting to the Israel police. This is crowdsourcing at its best. Besides checking the from field, all the other warnings mentioned above apply equally to email and SMS.

Some scams the criminals actually attempt. I mentioned that in order to prepare this video I posted in a popular English-speaking group in Israel called Secret Jerusalem. I wanted to get a feel for what kind of scams and ruses fraudsters attempt in order to help you be on the lookout for them. If I were to create a menu for the list of tactics that Doar Yisrael phishing fraudsters use, I would call the following one the classic.
To be successful, it relies upon the fact that an awful lot of Israelis buy stuff online and are therefore receiving messages from the postal service somewhat regularly. The scam goes like this. The fraudster will send out a bulk SMS mail blast that says something like, "In respect of your order with tracking code ABC, you need to pay customs or tax. You can pay at this link." Legitimate Doar Israel messages commonly do include tracking codes. The problem is that the tracking code that the fraudster has included is gobbledygook. It's just made up completely.

If you receive a message from Doar Israel asking you to pay customs or tax, firstly make sure that the message is referencing a real item. You can do this by copying and pasting the tracking code into Doar Israel's online tracking page. If you don't know where to find this, google "macav Doar". Better still, you should sign up for Doar Shali, which is called My Post in English. I did a video before explaining how this very useful service from the post office works. By associating with the phone number on your mail items, the system will show you which items are on their way to you in the post. There's even a button to pay the tax owing online, and you can use this to see if there is any tax owing.

Let me be clear about something. Doar Israel sends out genuine messages prompting users to pay customs online. I got one just a few days ago and I paid by credit card. So how did I know that this wasn't a scam? A few reasons. Firstly, there were no red flags in the message asking me to pay. Secondly, I recognized that the tracking code belonged to something fairly large that I had ordered online, a camera light, and I knew that I indeed had to pay VAT. Finally, the link in the message was legitimate and redirected me to an official Doar Israel URL to make the payment. So in this case the activity was perfectly innocuous. It was a real notification. I paid my customs and tax fee using a real credit card over the internet.
A few days later I got my camera light.

So besides sending out bogus tracking codes asking for customs payments and hoping you don't notice any red flags, there are a few other ways in which fraudsters commit crime. Another tactic I've heard about repeatedly is a scammer calling up a random phone number. Commonly the scammer will ask whether you've recently placed any large online orders. If I didn't think this was suspicious, I might answer, "Oh yeah, I just bought a camera light." The scammer would respond by telling me that VAT or customs were owing on that light import and then send me a link to pay by SMS or email. Clearly the link would be bogus, and the only way the fraudster was able to pull this off was because I was gullible enough to believe that this interaction was legitimate. That is how social engineering works.

Unfortunately it would probably take me at least another half hour to run through all the various permutations of phishing scams that can be carried out by con artists pretending to be Doar Israel post. Remember that phishing is sort of like a game of cat and mouse: as people catch on to the ways of the tricksters, the criminals are forced to get imaginative and find new ways to scam people out of their hard-earned money. If there is a demand for it, therefore, I might follow up with another video covering some more of the phishing operators' favorite tactics.

If you have a friend, family member or loved one who has been the victim of a phishing attack, then please consider reporting the matter to the Israeli police, as it's a cyber crime. Please also consider sharing this video with them to help them get ahead of the curve on what scams and tactics to look out for. Thanks for watching, and if you'd like to get more videos from me about life in Israel and other topics, do consider subscribing to this YouTube channel.
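
The sender and link red flags described in the video (a private mobile number in the from field, links outside israelpost.co.il and postil.com, link shorteners such as bit.ly, and lookalike domains such as israelpostils.com) can be expressed as a message triage function. This is an added example, not part of the original video; the flag names, the brand tokens used for lookalike matching, and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

OFFICIAL_DOMAINS = ("israelpost.co.il", "postil.com")  # the two domains named in the video
SHORTENERS = {"bit.ly"}                    # shortener named in the video; extend as needed
BRAND_TOKENS = ("israelpost", "postil")    # assumption: substrings that mark a lookalike
# From field that looks like a private Israeli mobile number (054..., 058..., +9725...)
MOBILE_SENDER = re.compile(r"^(?:\+972|0)5\d[\d\- ]{6,}$")
# Links with or without a scheme, e.g. "bit.ly/x" or "https://host/path"
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)

def host_of(url):
    """Return the lower-cased hostname of a link, adding a scheme if missing."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def is_official(host):
    """True only for an official domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def red_flags(sender, body):
    """List the sender and link red flags found in one SMS or email."""
    flags = []
    if MOBILE_SENDER.match(sender.strip()):
        flags.append("sender-is-private-mobile-number")
    for url in URL_RE.findall(body):
        host = host_of(url)
        if is_official(host):
            continue
        if host in SHORTENERS:
            flags.append(f"link-shortener:{host}")
        elif any(token in host.replace("-", "") for token in BRAND_TOKENS):
            flags.append(f"lookalike-domain:{host}")
        else:
            flags.append(f"non-official-link:{host}")
    return flags

# Constructed sample messages (not real notifications)
SAMPLES = [
    ("Israel Post", "Your item has arrived. Details: https://israelpost.co.il/example-path"),
    ("054-5550123", "Pay customs for order ABC: bit.ly/abc123"),
    ("Israel_Post", "Tax is owing, pay here: http://israelpostils.com/pay"),
]

if __name__ == "__main__":
    for sender, body in SAMPLES:
        print(sender, "->", red_flags(sender, body) or "no sender/link flags")
```

An empty list means only that none of these flags fired, not that the message is genuine; checking the tracking code on the official tracking page, as described above, still applies.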