Recently I have started receiving a lot of spam text messages. Each message is similar. Each one is addressed to someone who isn't me.
"Dr Oz called this the most potent erection pill. <not my name>., last up to 3 hours with no side effects" <link to spam site>
-- or --
Thank you Oprah for your appraisal: because of that we're opening a FREE sample programme for EVERYONE! <not my name>., lose 20 lbs:
At first I tried to ignore the text messages. However, I have been getting one every other day and it is starting to get old. So, I decided to do some investigating.
I hit a few of the links in the text messages with curl and to my surprise, each link redirects to https://www.google.com.
curl -v <some-site>.com/<random-characters>
* Trying <ip-address>...
* TCP_NODELAY set
* Connected to npit9.com (<ip-address>) port 80 (#0)
> GET /zFYFoXfVF8 HTTP/1.1
> Host: npit9.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Server: nginx/1.6.2
< Date: Sat, 18 Jul 2020 20:19:25 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: https://www.google.com
<
* Connection #0 to host <some-site>.com left intact
Here is what I know:
1. Every message has a different link that is a six letter domain and the path is a series of random characters and each is addressed to a person that isn't me.
2. Every URL is registered by namecheap.com.
3. Every URL points to the same IP address.
4. Every link redirects to https://www.google.com
What can a spammer possibly gain from this?
Why are the links so clearly suspicious you ask?
It is part of the scam. It weeds out those who are unlikely to be scammed early in the pipeline so that scammers don't waste resources on people who will not be duped.
Why redirect to google? They already have everything they need from you including a hash that points back to your phone number indicating what one of their various scams they got you to bite on. There is no longer any reason for them to keep your focus on their data collection site and immediately send you someplace benign. Google seems as good a choice as any.