Significantly more phishing scams involving the spoofing of the U.S. Postal Service and postal services in other countries, including Mexico, Costa Rica, Chile, Finland, Australia, and the Netherlands, aimed at exfiltrating personal and financial information have emerged in recent weeks, according to KrebsonSecurity.
Attacks aimed at USPS customers were noted to involve the delivery of an SMS message notifying about a supposed package issue that included a phishing link that redirected to the "usps.informedtrck[.]com" site that sought the target's address and other information.
Further examination of the phishing page revealed its failure to load an image from the "fly.linkcdn[.]to." domain, which was previously linked to other USPS phishing domains, as well as a Google Analytics code that was also observed in years-old USPS phishing pages.
Information submitted to the phishing site was noted to be sent through an automated bot on Telegram. Such a development comes after another phishing campaign aimed at USPS customers by suspected Iran-based threat actors was reported by DomainTools researchers.