Yep, click on the link… takes you to my Nigerian bank account.
Actually, it is legit
no it’s probably not. scammers spoof the number & the link is http, an post should be https. it’s a phishing link. redirects to https://anpost.paypostal-alert.com/ap
it should end with /ie not /ap
No, An Post specifically don’t include any links in the emails or text about vat/duty payments because of this. It will only have a reference number for you to put in on the An Post website yourself.
The fact that this question keeps arising demonstrates how important it is that people should take a little bit of time to learn about phishing and what to look out for. Of particular note is understanding how web addresses are constructed and being able to decipher which is real and which is fake.
Scammers can mask their message source through telecommunications to appear to be from legitimate sources (like AIB/An-Post).
Scam. Texts from An Post never include links or tell you the amount. A genuine text from them will just say “Please pay customs charge on the An Post website or any post office” and include the reference number
The domain is paypostal-alert.com this is 100% a scam. As u/daftdave41 said an post don’t send links but if they did it would be for anpost.ie
Simple trick, no tracking number, no money.
For more details… An Post current texts about customs payments is:
“Customs charges of [amount] apply for [tracking number]. Please pay on the An Post website or any Post Office by [date] with Ref: [reference number]”
I get them every few weeks, they have not included a link since mid-2021 in my old texts and *always* include the tracking number. Another small detail, An Post uses the € symbol. As an example, €5.89, never 5.89 EUR like you have there.
They also send a letter and sometimes an email, never just a text. Your milage may vary, I’ve only gotten the email once, but always get the letter. There might be a way to opt out of those and just get texts, I don’t know.
It changed sometime between December of last year and April this year. Old ones were a bit different, they were
“[Tracking number] please pay custom charge on the An Post website or at any Post Office with [reference number]”
I’m looking at even older ones, the only ones I can see with a link is for alternative delivery options, but the url still includes the tracking number.
[deleted]
No. You should never click a link in an email or message. Type in the company your browser instead. In your case “an post pay fees” into your browser and follow that link that pops up, if it even exists.
Secondly, you shouldn’t go with a URL that SUFFIXES the original. IE: anpost.com is fine. A prefix of pay.anpost.com would also be fine. But if they suffix it such as anpost.pay.com, chances are it’s a scam.
not legit
Nope. Highly unlikely you gave your number out and an post leave a written note if they can’t deliver.
They do text but they don’t give a link in text. The text will give a reference number and say to pay on the An Post website or at a post office.
Its a scam massage.
Ask yourself are you expecting post. Then contact your local sorting office… Be aware always of text emails etc regarding money payments.
Nope. Block.
Oh my fucking god
Look at the URL dude, does it look real?
Nope.
I never click links personally unless a really trusted source. Easy way to find a location though.
It’s worrying how many people fall for these and even have to ask if they are legit.
People are so easily manipulated it’s scary.
Break down the URL.
It will have a protocol (HTTP:// or https://)
Often that is excluded as browsers will put it in automatically.
Then there is the domain, in this case it’s paypostal-alert.com
Doesn’t sound very legit does it?
The rest are subdomain details that doesn’t matter too much.
As a general rule, look for the first single forward slash, the part before that is the domain. Is that domain the official domain of the company you think the message is from?
If there is no single forward slash, imagine it’s at the end of the URL.
21 comments
Yep, click on the link… takes you to my Nigerian bank account.
Actually, it is legit
no it’s probably not. scammers spoof the number & the link is http, an post should be https. it’s a phishing link. redirects to https://anpost.paypostal-alert.com/ap
it should end with /ie not /ap
https://www.anpost.com/Post-Parcels/Receiving/Pay-Customs-Charge is the real one as far as i can see
advice here https://www.anpost.com/Security
No, An Post specifically don’t include any links in the emails or text about vat/duty payments because of this. It will only have a reference number for you to put in on the An Post website yourself.
The fact that this question keeps arising demonstrates how important it is that people should take a little bit of time to learn about phishing and what to look out for. Of particular note is understanding how web addresses are constructed and being able to decipher which is real and which is fake.
Scammers can mask their message source through telecommunications to appear to be from legitimate sources (like AIB/An-Post).
Scam. Texts from An Post never include links or tell you the amount. A genuine text from them will just say “Please pay customs charge on the An Post website or any post office” and include the reference number
The domain is paypostal-alert.com this is 100% a scam. As u/daftdave41 said an post don’t send links but if they did it would be for anpost.ie
Simple trick, no tracking number, no money.
For more details… An Post current texts about customs payments is:
“Customs charges of [amount] apply for [tracking number]. Please pay on the An Post website or any Post Office by [date] with Ref: [reference number]”
I get them every few weeks, they have not included a link since mid-2021 in my old texts and *always* include the tracking number. Another small detail, An Post uses the € symbol. As an example, €5.89, never 5.89 EUR like you have there.
They also send a letter and sometimes an email, never just a text. Your milage may vary, I’ve only gotten the email once, but always get the letter. There might be a way to opt out of those and just get texts, I don’t know.
It changed sometime between December of last year and April this year. Old ones were a bit different, they were
“[Tracking number] please pay custom charge on the An Post website or at any Post Office with [reference number]”
I’m looking at even older ones, the only ones I can see with a link is for alternative delivery options, but the url still includes the tracking number.
[deleted]
No. You should never click a link in an email or message. Type in the company your browser instead. In your case “an post pay fees” into your browser and follow that link that pops up, if it even exists.
Secondly, you shouldn’t go with a URL that SUFFIXES the original. IE: anpost.com is fine. A prefix of pay.anpost.com would also be fine. But if they suffix it such as anpost.pay.com, chances are it’s a scam.
not legit
Nope. Highly unlikely you gave your number out and an post leave a written note if they can’t deliver.
They do text but they don’t give a link in text. The text will give a reference number and say to pay on the An Post website or at a post office.
Its a scam massage.
Ask yourself are you expecting post. Then contact your local sorting office… Be aware always of text emails etc regarding money payments.
Nope. Block.
Oh my fucking god
Look at the URL dude, does it look real?
Nope.
I never click links personally unless a really trusted source. Easy way to find a location though.
It’s worrying how many people fall for these and even have to ask if they are legit.
People are so easily manipulated it’s scary.
Break down the URL.
It will have a protocol (HTTP:// or https://)
Often that is excluded as browsers will put it in automatically.
Then there is the domain, in this case it’s paypostal-alert.com
Doesn’t sound very legit does it?
The rest are subdomain details that doesn’t matter too much.
As a general rule, look for the first single forward slash, the part before that is the domain. Is that domain the official domain of the company you think the message is from?
If there is no single forward slash, imagine it’s at the end of the URL.