How holidays and trustfulness of citizens affect the activity of scammers.
Despite an extensive information campaign and warnings, fraudulent schemes that mimic the services of the postal service continue to operate successfully. Akamai found a significant increase in the activity of such schemes during the Christmas holidays of 2023 on the example of the US Postal Service (USPS).
Based on an analysis of the domains that phishing SMS messages sent to the phone of one of the Akamai employees pointed to, the team found that traffic to fraudulent sites is often comparable to traffic on the official USPS website. During the holiday and pre-holiday periods, when people expect a larger number of parcels, the activity of fraudsters increases.
SMS message with a link to the phishing site (left) and notification of delivery cancellation on the phishing site (right)
The most popular of the fraudulent domains (usps-post[.]world) attracted more than 169 000 requests in 5 months. Such fake websites often offer visitors to pay for the re-delivery of non-existent packages, requiring them to enter their payment card details.
Comparison of traffic on the (blue)and phishing domains (red)
Despite the warnings of the US Post Office (USPS) and the US Postal Inspection Service, many people continue to fall for the tricks of cybercriminals, which makes fraudulent schemes still relevant and profitable.
Despite an extensive information campaign and warnings, fraudulent schemes that mimic the services of the postal service continue to operate successfully. Akamai found a significant increase in the activity of such schemes during the Christmas holidays of 2023 on the example of the US Postal Service (USPS).
Based on an analysis of the domains that phishing SMS messages sent to the phone of one of the Akamai employees pointed to, the team found that traffic to fraudulent sites is often comparable to traffic on the official USPS website. During the holiday and pre-holiday periods, when people expect a larger number of parcels, the activity of fraudsters increases.
SMS message with a link to the phishing site (left) and notification of delivery cancellation on the phishing site (right)
The most popular of the fraudulent domains (usps-post[.]world) attracted more than 169 000 requests in 5 months. Such fake websites often offer visitors to pay for the re-delivery of non-existent packages, requiring them to enter their payment card details.
Comparison of traffic on the (blue)and phishing domains (red)
Despite the warnings of the US Post Office (USPS) and the US Postal Inspection Service, many people continue to fall for the tricks of cybercriminals, which makes fraudulent schemes still relevant and profitable.
