Abnormal Security: USPS Phishing Attack Preys on Holiday Shoppers

Today, Abnormal Security published research on an email attack campaign designed to prey on shoppers eagerly awaiting ecommerce deliveries leading up to the holidays. In this attack, malicious actors impersonate a USPS package tracking page to steal credit card credentials from unsuspecting customers.

This attack mimics a delivery notification email from the U.S. Postal Service, notifying the recipient that their package cannot be delivered until their payment is confirmed. Although the email appears to originate from “USPS” and features the official USPS logo, the true sender is support [at] xmtservices [dot] com. The email prompts the recipient to confirm their package by clicking on a link which leads the recipient to a fake USPS tracking site claiming additional shipping fees must be paid to ensure package delivery. This page asks for payment details to fulfill this charge, setting a trap for the recipient to release sensitive credit card information to the scammers.

Many shipping companies have reported an increase in email impersonation scams characterized by these fake delivery notifications.


"Should recipients fall for this attack, scammers can use their credit card information to make unauthorized transactions," according to the researchers.


Abnormal expects this trend to continue to spike even more throughout year end.

For more information, read Abnormal Security's full blog post:

https://abnormalsecurity.com/blog/usps-credential-phishing/