A sophisticated smishing scam targeted the United States Postal Service, deceiving customers with fraudulent package delivery messages to phish credit card details. Over 438,669 unique credit card numbers were entered into scam domains, with a total of 1.2 million pieces of personal data compromised, including email addresses and government domains. The impact extended across the United States, with California the most affected. The vast operation was exposed by a security researcher, aiding prevention of fraudulent card activity.
Source: https://www.wired.com/story/usps-scam-text-smishing-triad/
TPRM report: https://scoringcyber.rankiteo.com/company/usps
"id": "usp001081024",
"linkid": "usps",
"type": "Cyber Attack",
"date": "8/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Postal Service',
'location': 'United States',
'name': 'United States Postal Service',
'type': 'Government'}],
'attack_vector': 'Smishing',
'data_breach': {'number_of_records_exposed': '1.2 million',
'personally_identifiable_information': ['email addresses',
'credit card details'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['email addresses',
'government domains',
'credit card details']},
'description': 'A sophisticated smishing scam targeted the United States '
'Postal Service, deceiving customers with fraudulent package '
'delivery messages to phish credit card details.',
'impact': {'data_compromised': '1.2 million pieces of personal data',
'payment_information_risk': '438,669 unique credit card numbers'},
'motivation': 'Financial Gain',
'threat_actor': 'Unknown',
'title': 'Smishing Scam Targeting USPS Customers',
'type': 'Phishing'}