US Post Office phishing sites saw almost as much traffic as real website
published 29 April 2024
During the holiday season, fake sites get even more traffic
Fake US Postal Service (USPS) websites, designed to steal people’s sensitive information and payment data through phishing, get almost as much traffic as the actual USPS website.
In fact, the real USPS site recorded less traffic than its impersonators during the holiday season, a new report from cybersecurity researchers Akamai Technologies has warned, telling consumers to be skeptical whenever shopping online, and to always keep the idea of fraud on their mind.
The report said that between October 2023 and February 2024 Akamai’s researchers observed impersonated USPS sites getting 1,128,146 queries, while the actual site got 1,181,235 queries. Between November and December specifically, fake sites got even more traffic, as hackers ramped up their efforts during the holiday season.
Impersonating major brands
Akamai also stressed that the researchers only analyzed the websites that have the USPS string in their name, and that the number of fake websites impersonating major brands and services is almost definitely a lot bigger. Consequently, the traffic going to fake websites is probably larger, too.
The most popular domains are, as one might have expected, .com (4459 domains with 271,278 queries), and .top (3063 domains with 274,257 queries). Other notable mentions include .shop, .xyz, .org, and .info.
With USPS, hackers will usually pair fake websites with phishing emails or SMS messages. In these messages, the attackers will tell the victims their parcels cannot be delivered for some reason (for example, that the parcel is missing key delivery information, or that certain fees must be paid).
The messages will also carry a sense of urgency (for example, the victim will be given a few hours to pay the fee or submit the necessary information, otherwise the parcel will be returned to its sender).
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The campaigns are usually more effective during the holiday season, as many people make purchases online and don’t find such messages suspicious.
Via BleepingComputer
More from TechRadar Pro
- This new phishing attack targets iPhone and Android alike via RCS
- Here’s a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Apple’s third-party Safari integrations rolled out with “catastrophic security and privacy flaws”
Hibernating cluster wakes up to map the entire Internet – but what could it be planning?
How to cancel BT broadband
Most Popular
-
1The space-age Typhur Dome might have solved the big problem with air fryers
-
2This super-cool music player is like an iPad and hi-res music streamer in one – and it works with Sonos and Bluetooth as well as wired speakers
-
3My favorite Nintendo Switch accessory, the upscaling mClassic, has received a very handy price cut at Amazon
-
4Want an AirTag-style tracker for your Android phone? Anker’s new devices could be bargains
-
5Early Star Wars Day trailer for Disney Plus’ The Acolyte includes a fan-favorite link to the prequel movies
-
1Nvidia CEO predicts the death of coding — Jensen Huang says AI will do the work, so kids don’t need to learn
-
2I was diagnosed with pre-diabetes – this app helped me change my diet
-
3Researchers at the University of Utah develop Pyroelectrochemical (PEC) cell that converts thermal energy into electricity
-
4So what if OpenAI Sora didn’t create the mind-blowing Balloon Head video without assistance – I still think it’s incredible
-
5Samsung is beginning mass production of its newest 290-layer V9 NAND chips, but V10 could have 430-layers