Cyber Security Threat Summary:
As we approach the holiday season, we've remained vigilant in warning our members about the recent surge in phishing attacks targeting U.S. Postal Service (USPS) customers. These malicious campaigns are disseminated through SMS, email, and various other phishing methods. In these attacks, criminals impersonate USPS services with the intent to deceive individuals and pilfer personal and financial information.

In recent weeks, there has been a significant increase in phishing scams specifically directed at USPS customers. One such elaborate operation involves SMS-based phishing attempts designed to trick recipients into divulging their personal and financial data. These attacks utilize a fake USPS identity, as well as mimic postal services in numerous countries worldwide.

A concerned reader recently received an SMS that claimed to be from USPS, indicating an issue with a package addressed to them. Upon clicking the provided link, the reader was directed to the domain usps.informedtrck[.]com.

Security Officer Comments:
It's important to highlight that this phishing domain is relatively recent, and there is limited ownership information available in WHOIS records. Upon closer examination, this domain is linked to numerous USPS-themed phishing domains. Some notable examples include:

• usps.receivepost[.]com
• usps.trckpackages[.]com
• usps.infortrck[.]com
• usps.stamppos[.]com
• usps.tackingpos[.]com
• usps.posinformed[.]com

While brand impersonation attacks of this kind have endured over time, the current report not only unveils novel redirection strategies but also offers a new roster of deceitful domains that organizations can take preemptive measures to block or closely examine for gathering further insights.

In past incidents, we've not only witnessed cybercriminals seeking to pilfer information from their targets, but we've also witnessed the deployment of diverse ransomware strains through counterfeit shipping labels. These attacks know no boundaries, affecting individuals both in their personal and professional environments, as logistics services play a critical role in both domains.

Suggested Correction(s):
As we immerse ourselves in the festive holiday season, it's paramount to emphasize essential precautions to friends and family, keeping them vigilant to ward off phishing scams. Practicing caution is of utmost importance when confronted with unsolicited links or attachments in emails, text messages, or any other communication platforms. In moments of uncertainty, it's wise to inform and train staff to manually access websites or services. Employees may find it beneficial to rely on trusted bookmarks to guarantee the legitimacy of the sites they visit.

Link(s):
https://krebsonsecurity.com/2023/10/phishers-spoof-usps-12-other-natl-postal-services/