A sophisticated phishing campaign impersonating the United States Postal Service (USPS) is targeting residents with fraudulent SMS and emails claiming an “incomplete address” for package delivery. Victims are directed to a cloned website that steals personal information and credit card details, including CVV and 3D-Secure codes, by prompting for a small re-delivery fee.
Threat Intel: This spoofed page was intercepted, verified, and locked down firsthand by the Antiphishing.biz security team during our automated link scanning workflows. To protect the public, the dangerous destination URL has been fully defanged within our infrastructure. We document and analyze these live visual patterns to help security researchers and users recognize deceptive clone designs before financial damage occurs.
This phishing scam uses SMS or email impersonating DHL or USPS to lure victims with fake “delivery issues” or “small fees” into entering personal data, credit card details, and 3D-secure codes. The attackers create high-fidelity clones of tracking pages to steal financial credentials and use stolen SMS codes for fraudulent purchases. To stay safe, ignore links in messages, use official company apps for tracking, and never provide a CVV code for shipping address verification.
This logistics phishing case, targeting both DHL and USPS, uses “micro-payment” baiting, where attackers request a small fee to trick victims into providing full credit card details and 3D-Secure codes. The attack exploits high shipping volumes by sending SMS messages for fake “address errors” and collecting personal data on fraudulent sites designed to steal financial credentials.
Expert Security Tip: To avoid this threat, never click links in delivery text messages, but manually enter tracking numbers on official websites and carefully read bank SMS alerts for discrepancies in transaction amounts.