MailGuard 02 July 2021 18:41:20 AEST 4 MIN READ

USPS email scam – “Missing information and delivery fee”

MailGuard is currently intercepting a fraudulent USPS (US Postal Service) email scam with the subject line “Missing information and delivery fee, [your name] – Update your informations”.

With ‘USPS Tracked™’ branding, the email claims that ‘We have been notified that your item is currently being held back by the retailer due to missing information. Correct your information along with added delivery fee.”

The email says that it is from USPS with a sender display name of ‘Package-information <contact(at)algodading(dot)com>’ but it actually comes from a server hosted by Digital Ocean. An intermediary page uses Google Firebase to redirect recipients to a series of web and credit card payment pages, that are hosted on Cloudflare to hide their origins, all of which are designed to harvest user credentials as part of a phishing attack.

USPS email-obf-XL-01-01

The following web pages are examples of the information that the cybercriminals are gathering, with the lure of an undelivered “Apple iPhone 12 Pro”, and a further promotional page for a “Samsung Galaxy s21”.











Whilst MailGuard is stopping this email scam from reaching our customers, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click them.

Well-known organisations like USPS are popular targets for scammers to impersonate because they are trusted names with large customer bases. With the recent spike in online shopping, triggered by the closure of many physical stores due to the COVID-19 pandemic, and in the rush to the EOFY, it is not uncommon to receive notifications related to package deliveries like these. At MailGuard, we regularly intercept parcel delivery scams like this one intercepting DHL, and this one involving Australia Post.

In this case, cybercriminals are preying on the curiosity of USPS customers who may actually think a package has not been delivered because of some missing information. This motivates them to enter sensitive and confidential information without hesitating.

Another parcel delivery scam?

Fake parcel email scams are a favourite of cybercriminals. We all love getting something (aside from a bill) in the mail, and with online shopping more popular than ever, it’s sometimes hard to keep track of what parcels we’re expecting. The criminals behind this scam prey on people’s busy lives and curiosity.

As a precaution, MailGuard urges you not to click links within emails that:

  • Are not addressed to you by name.
  • Appear to be from a legitimate company but use poor English, or omit personal details that a legitimate sender would include.
  • Are from businesses that you were not expecting to hear from, and
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from. 

One email is all that it takes

All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network.

Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates