Researchers at Akamai have found that phishing sites impersonating the U.S. Postal Service get as much traffic as the real USPS website.
“The amount of traffic to the illegitimate domains was almost equal to the amount of traffic to legitimate domains on a normal day — and greatly exceeded legitimate traffic during the holidays,” the researchers state.
Many of these sites are used in “failed delivery” scams. Links to the sites are distributed via text messages telling recipients to visit the site in order to schedule a redelivery. USPS is also the most impersonated sender.
“Looking at the overall numbers, we see two domains got more than 100,000 hits each: usps-post[.]world and uspspost[.]me,” Akamai says.
“Combined, these two are responsible for 29% of all malicious traffic inside our dataset. Keeping in mind that we’re only looking at a data sample, the traffic that some of these domains are seeing is truly mind-blowing. It’s not surprising that USPS phishing campaigns have been, and continue to be, so popular for scammers. Unfortunately, there are tons of people visiting these websites, which means they’re lucrative for the attackers running them.”
These types of scams spike during the holiday season, since many people are expecting real deliveries.
“The most popular domain that we saw is usps-post[.]world, a domain which might be mistakenly interpreted as an official international branch of the USPS,” the researchers write.
“Considering how lucrative well-designed malicious domains can be, we have to admit it is a well-chosen domain name. When you tack on the ‘failed delivery’ messaging, and/or the holiday-focused branding during the largest delivery time of the year in the United States, the success of these malicious pages makes sense.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Akamai has the story.
Here's how it works:
