• Tue. Oct 17th, 2023

New Phishing Attempt Preyed on Americans by Exploiting a Phony USPS Web in Google Search Results

Avatar photo

ByEsme Greene

Jul 27, 2023
Phishing Attempt Exploited USPS Web
Esme Greene
Latest posts by Esme Greene (see all)

Users looking for “USPS Tracking” would come across a USPS advertisement purchased by the attackers, complete with a URL that appeared to be affiliated with the US Postal Service. But there was a catch, according to researchers: Anastasia Ivashchenko, a Ukrainian marketer, was unconnected to USPS. The fictitious advertiser ran distinct ads for people on mobile and desktop.

What is Known About the Vulnerability

Platform weaknesses were skillfully used by attackers to trick users into visiting their phishing website. It is challenging to spot the fraud since the misleading ad URL begins with “googleadservices[.]com” before directing readers to the attacker’s website. When victims try to enter a shipment tracking number, an error message regarding an invalid delivery address appears. 

Afterwards, they are prompted to submit their bank card information and change their residence address. The assailants get the victim’s physical address before requesting all of the card’s information, including the number, the name of the cardholder, the expiration date, the CVC code, and a 35-cent fee. This phishing effort is extremely risky and misleading.

The scammers trick consumers even further by requesting them to provide their financial institution login information under the false pretense that doing so is essential to finish the payment procedure. The phishing website is made more convincing by dynamically creating a template depending on the victim’s previously submitted information. 

Because of this, victims unintentionally give hackers access to all of their personal and financial information, including their bank account login details. On the darknet, this priceless information may be purchased for a high price.

This advanced phishing technique serves as a warning that harmful adverts continue to threaten both customers and reputable companies in search engine results. When utilizing tools like Google search, it’s important to use additional caution and to quickly scroll through adverts. An easy way to swiftly and effectively deal with the problem of fraudulent adverts is to use an ad blocker.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.