General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsLOOKOUT for Phishing Attempts from Attackers Posing as USPS
https://krebsonsecurity.com/2023/10/phishers-spoof-usps-12-other-natl-postal-services/KrebsOnSecurity recently heard from a reader who received an SMS purporting to have been sent by the USPS, saying there was a problem with a package destined for the readers address. Clicking the link in the text message brings one to the domain usps.informedtrck[.]com.
The landing page generated by the phishing link includes the USPS logo, and says Your package is on hold for an invalid recipient address. Fill in the correct address info by the link. Below that message is a Click update button that takes the visitor to a page that asks for more information.
The remaining buttons on the phishing page all link to the real USPS.com website. After collecting your address information, the fake USPS site goes on to request additional personal and financial data...
elleng
(131,477 posts)Silver Gaia
(4,553 posts)I deleted it.
I have the USPS app on my phone, so I knew it was bogus. I had no packages on the way.
They never send out anything like that anyway.
captain queeg
(10,322 posts)From a gmail account. Dont think usps uses gmail. Deleted.
housecat
(3,121 posts)Shermann
(7,489 posts)I guess ignore any sketchy posts from me in the near future. Well, sketchier than usual. Just ignore me altogether.
Response to blogslug (Original post)
Skittles This message was self-deleted by its author.
Skittles
(153,328 posts)GET ON THE WEBSITE AND LOOK IT UP FOR YOURSELF....how hard is that?
mitch96
(13,949 posts)The_Casual_Observer
(27,742 posts)Probatim
(2,553 posts)to fall for them.
I get emails from young women in Eastern Europe all the time - apparently I'm very popular over there.
Our office manager entered her server password after opening a phishing email. She quickly realized her mistake and notified our IT Manager. It was her third time in a month of doing something similar so I had to go to the office and give a lecture on this crap.
I used my Bulgarian mobster voice and read the emails from Eastern European women who want to meet me. Apparently, I'm very popular over there. I hope it sinks in - work is tough enough as it is.
The_Casual_Observer
(27,742 posts)to some phishing email and the subsequent ransomware brought down the whole network for months and cost us millions to recover and put better security in place.
Probatim
(2,553 posts)for.
It has to be a combination of mental laziness with a need to be productive. "I wasn't really paying attention, but it did look like the client wanted to pay us. You can't be mad at me for wanting us to get paid?" Not word for word what she said, but that's the gist.
Best part - as I'm walking people through examples, she goes in to gory detail about how she fell for this. The owner, the IT manager, and I were stunned as she recounted the mess.
Buns_of_Fire
(17,219 posts)telling me that my 2023 tax forms were incomplete, and here's a handy link to rectify the situation. That's 2023 - the year that hasn't even ended yet.
Thankfully, I checked with my personal Nigerian prince, and he told me not to worry about it, since he'd already withdrawn enough money from my checking, savings, and credit cards to cover any penalties and he'll take care of it. Whatta swell guy.
Vogon_Glory
(9,138 posts)Mine often include bogus parcel numbers.
I'm reluctant to discuss my methodology for determining which ones are fakes for fear that they're visiting sites like DU to learn how to scam better, but I try to avoid return addresses with hinky addresses,
ExWhoDoesntCare
(4,741 posts)I knew they weren't legit, because how would the USPS have gotten my phone number? I've never given it to them, and no shipper would have it to put on a mailing label, either. I never give my phone number out like that.
I forwarded screenshots of both messages to the USPS inspectors.
womanofthehills
(8,819 posts)Also - got another message supposedly from my grandson in trouble - first sentence was my grandsons voice saying Hi Grandma - then second sentence was a different voice. So they got his voice from somewhere. This is the fourth time Ive gotten a message like my car broke down in Mexico when I know he doesnt even have a passport or any desire to go to Mexico.
Xavier Breath
(3,690 posts)but then they somehow have their email address? Good grief.