USPS fake page revealed

Posted byAnti-phishing Leave a comment on USPS fake page revealed

Incident Report: This malicious interface was logged, cross-checked, and neutralized firsthand by the Antiphishing.biz security team during our daily link moderation procedures. To protect the public, the dangerous destination URL has been completely disabled within our infrastructure. We document and analyze these live visual patterns to help security researchers and users detect replica fraud techniques before financial damage occurs.

Actual screenshot of "USPS fake page revealed" phishing interface captured during link moderation on our platform.
Figure 1: Visual proof of the live scam infrastructure captured during routine moderation.

This screenshot shows a phishing page impersonating USPS (United States Postal Service) , using a small fee ($2.99) as a pretext to steal credit card details. The page claims the victim has been transferred to a “secure payment environment” and displays a Visa logo, but the actual card entry form is likely on a subsequent page or may have been omitted from the screenshot.

Threat Analysis: USPS Phishing – Small Fee & Card Harvesting

How it works:
The victim receives an SMS or email claiming a package requires a redelivery fee, customs payment, or address confirmation. The link leads to a fake USPS tracking page, then redirects to this “secure payment” page. The victim is asked to enter credit card details (full number, expiration, CVV) to pay the $2.99 fee.

The goal:
The attacker captures full credit/debit card information to make fraudulent purchases or sell the data.

Red flags to watch for:

  • Suspicious URL: The page is hosted on a domain that is not usps.com. Legitimate USPS payment pages are only on official domains.
  • Small fee trick: $2.99 is a trivial amount designed to lower suspicion.
  • Fake “secure payment environment” claim: Real USPS payments are integrated into the official site, not presented on a generic page like this.
  • No tracking number or personalized information: The page lacks any details that would tie it to an actual package.

What to do if you encounter this:

  • Do not enter any card details.
  • If you are expecting a USPS delivery, track it directly by typing usps.com into your browser.
  • If you have already entered card details, contact your bank immediately to block the card.
  • Report the phishing page to USPS (e.g., via their official fraud reporting page).

Protective measures:

  • Never click links in unsolicited delivery messages. Always go directly to the official courier website.
  • Never pay a “redelivery fee” via a link. Legitimate fees are collected through the official site after logging in or upon delivery.
  • Enable transaction alerts on your bank account to catch unauthorized charges early.

Leave a comment

Your email address will not be published. Required fields are marked *