"Study Reveals Alarming Levels of USPS Phishing Traffic"

A recent analysis by researchers at Akamai Security has shed light on the extent of phishing and smishing attacks targeting the United States Postal Service (USPS), particularly during the holiday season.  The researchers used anonymized global DNS query logs during the study. The researchers found that illegitimate domains mimicking USPS websites attracted nearly equal and sometimes higher traffic than legitimate domains, especially during peak shopping periods like Thanksgiving and Christmas. Among the top malicious domains were “usps-post[.]world” and “uspspost[.]me,” each attracting over 100,000 hits, highlighting the efficacy of these campaigns. Furthermore, analysis of top-level domains (TLDs) revealed common choices among threat actors, with “.com” and “.top” domains dominating the landscape. The researchers noted that interestingly, while the “.com” TLD provided global legitimacy, “.top” emerged as a popular alternative known for its association with malicious activities.  

Infosecurity Magazine reports: "Study Reveals Alarming Levels of USPS Phishing Traffic"