USPS fake page revealed

Posted byAnti-phishing Leave a comment on USPS fake page revealed

This screenshot shows a phishing page impersonating USPS (United States Postal Service) , using a small fee ($2.99) as a pretext to steal credit card details. The page claims the victim has been transferred to a “secure payment environment” and displays a Visa logo, but the actual card entry form is likely on a subsequent page or may have been omitted from the screenshot.

Threat Analysis: USPS Phishing – Small Fee & Card Harvesting

How it works:
The victim receives an SMS or email claiming a package requires a redelivery fee, customs payment, or address confirmation. The link leads to a fake USPS tracking page, then redirects to this “secure payment” page. The victim is asked to enter credit card details (full number, expiration, CVV) to pay the $2.99 fee.

The goal:
The attacker captures full credit/debit card information to make fraudulent purchases or sell the data.

Red flags to watch for:

  • Suspicious URL: The page is hosted on a domain that is not usps.com. Legitimate USPS payment pages are only on official domains.
  • Small fee trick: $2.99 is a trivial amount designed to lower suspicion.
  • Fake “secure payment environment” claim: Real USPS payments are integrated into the official site, not presented on a generic page like this.
  • No tracking number or personalized information: The page lacks any details that would tie it to an actual package.

What to do if you encounter this:

  • Do not enter any card details.
  • If you are expecting a USPS delivery, track it directly by typing usps.com into your browser.
  • If you have already entered card details, contact your bank immediately to block the card.
  • Report the phishing page to USPS (e.g., via their official fraud reporting page).

Protective measures:

  • Never click links in unsolicited delivery messages. Always go directly to the official courier website.
  • Never pay a “redelivery fee” via a link. Legitimate fees are collected through the official site after logging in or upon delivery.
  • Enable transaction alerts on your bank account to catch unauthorized charges early.

Leave a comment

Your email address will not be published. Required fields are marked *