Skip to main content
Customer Support Customer Support

Another USPS Smishing Campaign - this time targets by State

quicks
New Voice

 

Smishing campaign targets recipients by State with fake USPS non-delivery notices


New Smishing and Phishing Campaign.
USPS Phishing website.
Domain Creation Date: 10-11-2022
Website Creation Date: 10-12-2022
First Discovery: 10/25/2022

Domain Registrar: Name Silo (Phoenix, AZ)
DNS: DNSOwl[.]com (San Fransisco, California)

Used in Smishing Campaign:
"[USPS POSTAL] Shipment expected to arrive {DATE} has been sent to local USPS handling facility, visit USPS-Texas[.]Com for further assistance."

Dates in messages will vary.
Originating phone numbers will vary.


https://www.virustotal.com/gui/domain/usps-texas.com

https://www.tnwcreations.com/post/new-phishing-website-fake-usps-texas-texts/

 

I'm salty. I bite. Also... I'm Batman.

8 replies

Jamesharris85
New Voice
Forum|alt.badge.img+4

And the amazing part here and proof that phishing works is that when I first read this, I read it as UPS and not USPS 🤣

James Harris
quicks
1 person likes this
  • quicks
    quicks
MajorHavoc
Bronze VIP
Forum|alt.badge.img+25
  • MajorHavoc
  • Bronze VIP
  • 1278 replies
  • October 27, 2022

I got two of these. But as I teach clients, do not click the links. Go to your account on the service and log in there. If the message is real, you should be able to find the info on the company’s website.

 

Smishing? When did this term surface and how is smishing different fro phishing?

- Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.
TylerM
Administrator
Forum|alt.badge.img+25
  • TylerM
  • Sr. Security Analyst & Community Manager
  • 1268 replies
  • October 27, 2022
MajorHavoc wrote:

 

Smishing? When did this term surface and how is smishing different fro phishing?

Been around at least 5 years.

 

SMS phishing is what it alludes to (they think they are so clever with names)

quicks
1 person likes this
  • quicks
    quicks
MajorHavoc
Bronze VIP
Forum|alt.badge.img+25
  • MajorHavoc
  • Bronze VIP
  • 1278 replies
  • October 28, 2022
TylerM wrote:
MajorHavoc wrote:

 

Smishing? When did this term surface and how is smishing different fro phishing?

Been around at least 5 years.

 

SMS phishing is what it alludes to (they think they are so clever with names)

I did not think I was asleep that long!  Thank you. 😀

- Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.
Martin.1
Popular Voice
Forum|alt.badge.img+4
  • Martin.1
  • Popular Voice
  • 424 replies
  • October 28, 2022

The most famous one is contact us for your inheritance claim doing major rounds here in SA on the smishing side. 

 

Surely people need to learn to think. If I got an “account” on Amazon for example, if I log on securely to the site, any changes should be notified from there and through there? 

MV
Jamesharris85
New Voice
Forum|alt.badge.img+4

Smishing sounds...icky

James Harris
Martin.1
Popular Voice
Forum|alt.badge.img+4
  • Martin.1
  • Popular Voice
  • 424 replies
  • October 28, 2022

@Jamesharris85 

1 Attachments
MV
quicks
New Voice
  • quicks
  • Author
  • New Voice
  • 20 replies
  • October 31, 2022
TylerM wrote:
MajorHavoc wrote:

 

Smishing? When did this term surface and how is smishing different fro phishing?

Been around at least 5 years.

 

SMS phishing is what it alludes to (they think they are so clever with names)

 

What Tyler said. Smishing = Phishing using SMS.
 

Or as the Oxford Dictionary states,
“the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.“

Here’s a post on Webroot about Smishing for those curious types.
https://www.webroot.com/blog/2019/09/16/smishing-explained-what-it-is-and-how-you-can-prevent-it/

I'm salty. I bite. Also... I'm Batman.

Reply


Terms & Conditions