Post Office Phishing Campaign Targets People in 26 Countries

  • There’s a large-scale phishing campaign impersonating the post office services of 26 countries.
  • The actors send something relevant to an item that cannot be delivered and ask the recipient to take action.
  • The victim is then taken to a phishing page where they are requested to enter their credit card details.

Researchers from Trend Micro have been following a widespread phishing campaign that targets users from at least 26 countries, using emails that pretend to come from their national post offices. According to the shared stats, about 280,000 emails of this kind have been distributed between December 1, 2020, and January 10, 2021.

The actors attempted to take advantage of the holiday shopping spree that was further amplified by the lockdowns. This is similar to what we’ve seen by other phishing groups at the start of last December, sending emails that pretended to come from shipping companies.

Source: Trend Micro

The list of the affected countries and the spoofed post offices are the following:

  • Australia: Australia Post
  • Netherlands: PostNL
  • Brazil: Correios Post
  • New Zealand: New Zealand Post (NZ Post)
  • Canada: Canada Post
  • Philippines: PHL Post
  • Chile: Correos de Chile (aka CorreosChile)
  • Portugal: Correios de Portugal (Portugal CTT)
  • Finland: Posti
  • Singapore: Singapore Post
  • France: Chrono Post
  • Slovakia: Slovakia Post
  • Germany: Deutsche Post
  • Sweden: Post Nord
  • Hong Kong: Hong Kong Post
  • Switzerland: Swiss Post
  • Ireland: An Post
  • Taiwan: Chunghwa Post
  • Israel: Israel Post
  • Turkey: Posta ve Telgraf Teşkilatı (PTT)
  • Japan: Japan Post
  • UK: Post Office
  • Korea: Korea Post
  • United Arab Emirates: Emirates Post
  • Malaysia: Malaysia Post
  • US: United States Postal Service (USPS)

The messages typically contain the keyword “your package,” and the headlines mention something relevant to delivery failure, pending delivery, inability to locate the recipient, shipping notification, last reminder, etc. So, all of the messages are attempting to create a sense of urgency for the recipient and set the ground for action.

Source: Trend Micro

That action is to give away sensitive personal details like the credit card data, for example, which is supposedly needed for the delivery of the item. The phishing page where the victim lands if they click on the button/link that’s embedded on the message body is attempting to continue the impersonation of the post firm through the use of logos.

Up to a point, it manages to reach a convincing result. If the visitor starts clicking on other links on that website, though, they will quickly realize that nothing works, so the page is clearly a scam.

Source: Trend Micro

To avoid getting tricked by phishing campaigns of this kind, practice keeping your composure and treat all incoming communications with a suspicious mind. Do not jump on pages through links or buttons contained on emails, do not enter sensitive information on forms willy-nilly, and carefully inspect both the message you’re reading and the website you are on. Usually, there are several tell-tale signs to indicate that you’re dealing with fraudsters.

REVIEW OVERVIEW

Latest

Is It Okay to Charge iPhone 13, Mini, Pro, or Pro Max Overnight?

Without any doubt, there are plenty of misconceptions about charging iOS devices. That’s even more true now since this year’s iPhones have the...

Is It Okay to Play Games While Charging iPhone 13? 

The iOS App Store offers more than one million games. Your options are practically limitless, with console-like games taking full advantage of iPhone 13’s...

Is It Bad to Use iPhone 13 While Charging? 

The latest iPhone generation comes with the longest battery life yet, managing to provide up to 2.5 extra hours of use. With that said,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari