Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Shipping-Themed Phishing Scams Target the Middle East and Africa

    KnowBe4 Team | Mar 18, 2026

    Shipping-Themed Phishing Scams Target the Middle East and AfricaA surge in shipping-related phishing scams is targeting the Middle East and Africa (MEA) region, according to researchers at Group-IB.

    “To deliver the scam, the attacker sends a phishing link to victims via SMS using various spoofing or bulk-message techniques,” the researchers write. “These links are typically optimized for mobile devices, since most victims open SMS messages on their phones. Phishing pages often behave differently depending on the user agent, showing their full content only when accessed from a mobile browser.

    “In many cases, the attacker adds a mask or endpoint at the end of the URL, such as index.html, eg, i, org, or similar, to force the page to load correctly and display the phishing content.”

    The attackers are likely using the Darcula phishing-as-a-service platform, which allows them to launch region-specific phishing attacks at scale.

    “This scheme is made more convincing through localized targeting, where the threat actor would try mimicking the names of specific client organizations commonly used by the general public,” Group-IB says. “For example, they would deploy a URL like meapostal[.]click/index.html targeting a Middle East/Africa region entity.”
    Users and organizations should follow security best practices to avoid falling for these attacks.

    “As these fraudulent messages continue to circulate globally, understanding how they work is the first step in protection,” the researchers write.

    “For individuals, the core defense remains constant: never click unsolicited tracking links. Always verify a delivery status by navigating to the official courier website manually, following only official links from e-commerce platforms used and known tracking numbers from your real purchases and invoices. For businesses, a proactive defense including public education, robust domain security, and providing verification tools is essential to build trust and protect customers from pervasive social engineering threats.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Group-IB has the story.

    Topics: Phishing Human Risk Management

    Access the World’s Largest Security Awareness Library

    Explore over 1,000 interactive modules, videos, and games designed to sharpen user instincts and secure AI interactions. Get instant access to our Free Training Preview and find the perfect content to fortify your security culture.

    Get Your Free Training Preview

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the human and AI workforce to make safer security decisions every day. Trusted by over 70,000 organizations worldwide, we help strengthen security culture and manage risk. Our comprehensive AI-driven platform includes awareness and compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, agent security and more. As the only global security platform of its kind, KnowBe4 provides personalized content, tools, and techniques to keep the modern workforce safe from phishing, vishing, deepfakes, and emerging threats.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    We Train Humans and AI Agents. Socially engineered or prompt engineered? It's all human risk. Learn more

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.