Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself
May 1, 2024, 11:07 p.m.
Tags
External References
Description
Following the 2023 holiday season, Akamai researchers uncovered a significant amount of highly likely malicious activity and domains purporting to be associated with the United States Postal Service (USPS). Akamai researchers compared five months of DNS traffic to the legitimate domain, usps.com, with DNS traffic to illegitimate combosquatted domain names.
Date
Published: April 29, 2024, 7:15 p.m.
Created: April 29, 2024, 7:15 p.m.
Modified: May 1, 2024, 11:07 p.m.
Indicators
usps.solutions
172.86.125.227
155.94.156.254
155.94.151.28
155.94.135.202
107.150.7.53
104.223.16.2
usps.parceltracker-us.com
us.ps393.com
tools.usps-lookup.com
uspsposts.com
uspspostoffices.top
uspspostoffice.top
uspspost.me
uspsos.com
uspshelp.vip
uspshelp.store
uspsaps.top
usps-stampservice.com
usps-shopusa.shop
usps-shop.shop
usps-pst.xyz
usps-postoffices.top
usps-post.world
usps-post.vip
usps-post.today
usps-mlpackage.com
usps-lookup.com
usps-find.com
usps-deliveryservice.icu
stamps-usps.online
gh-usps.shop
appusps.com
alter-usps.shop
Attack Patterns
Sharefinder
IcedID
Cobalt Strike
T1187
T1135
T1176
T1036
T1053
T1566
T1068
T1059