Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Shipping-Themed Phishing Scams Target the Middle East and Africa

    KnowBe4 Team | Mar 18, 2026

    Shipping-Themed Phishing Scams Target the Middle East and AfricaA surge in shipping-related phishing scams is targeting the Middle East and Africa (MEA) region, according to researchers at Group-IB.

    “To deliver the scam, the attacker sends a phishing link to victims via SMS using various spoofing or bulk-message techniques,” the researchers write. “These links are typically optimized for mobile devices, since most victims open SMS messages on their phones. Phishing pages often behave differently depending on the user agent, showing their full content only when accessed from a mobile browser.

    “In many cases, the attacker adds a mask or endpoint at the end of the URL, such as index.html, eg, i, org, or similar, to force the page to load correctly and display the phishing content.”

    The attackers are likely using the Darcula phishing-as-a-service platform, which allows them to launch region-specific phishing attacks at scale.

    “This scheme is made more convincing through localized targeting, where the threat actor would try mimicking the names of specific client organizations commonly used by the general public,” Group-IB says. “For example, they would deploy a URL like meapostal[.]click/index.html targeting a Middle East/Africa region entity.”
    Users and organizations should follow security best practices to avoid falling for these attacks.

    “As these fraudulent messages continue to circulate globally, understanding how they work is the first step in protection,” the researchers write.

    “For individuals, the core defense remains constant: never click unsolicited tracking links. Always verify a delivery status by navigating to the official courier website manually, following only official links from e-commerce platforms used and known tracking numbers from your real purchases and invoices. For businesses, a proactive defense including public education, robust domain security, and providing verification tools is essential to build trust and protect customers from pervasive social engineering threats.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Group-IB has the story.

     

    Return To KnowBe4 Security Blog

    The world's largest library of security awareness training content

    In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

    You can now get access to our Training  Preview to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

    ModStore01-1The Training Preview includes:

    • Interactive training modules
    • Videos
    • Trivia Games
    • Posters and Artwork
    • Newsletters and more!

    Start Your Preview

     

    Topics: Phishing, Human Risk Management

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk best practices, compliance strategies and industry research to help organizations strengthen their human defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    We Train Humans & Agents
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.