I recieved an sms with my name, looking like "this is a delivery person, your package did not fit in the mailbox, do you want me to come another day or do you want to use a relay point". Long story short, being suspicious through all the process, I still opened the link and even entered my phone number (which they had) in there, before stopping.
The signs that it's a scam:
- the url did not correspont to the delivery company's name.
- I checked the secondary pages on the site - do not work or redirect to what looks like an official domain of the company.
- Checked if my package is even delivered by this company (international delivery, I didn't know who delivers it this side of the border) - nope.
- Okay, but maybe there is smth I forgot about? Opening the delivery service through the search engine, entering the number from the sms... Nothing.
It turned out my firefox wasn't updated for quiet some time. It only had sensors and network permissions. I deleted my browser after copying the bookmarks from it, I re-booted the phone, it updated in that reboot and I rebooted it again just in case.
And while it does seem like enough... I am not sure? Firefox had fixed some serious vulnerabilities in the updated versions which I did not have, which makes me more worried. The "best" response would be to nuke my phone and 3 other devices (2 laptops and a smartphone) that were connected to the same wifi, but I do feel like that's perhaps an overkill?
So I need advice on either what I did is enough or not and if I have to do anything else or not.
(I only got into opening the link and giving my phone number cause they had my number already and with the link I just assumed "in the moment" that suuure, why not, I'm on grapheneOS, everything is contenirized, etc")