Phishing Campaign Linked to China Targets US Postal Service, Says Cybersecurity Analyst

In a startling revelation, cybersecurity analysts from Uptycs have uncovered a sophisticated phishing campaign linked to China that impersonates the United States Postal Service (USPS). This extensive campaign involves the use of unsolicited text messages and malicious web links to trick recipients into divulging personal information. With over a thousand active phishing websites masquerading as USPS portals, this campaign poses a significant threat to unsuspecting individuals.

Attack techniques

The perpetrators behind this phishing campaign employed a technique commonly referred to as “smishing,” which involves SMS phishing through cellphone networks. Victims were targeted with unsolicited text messages that contained malicious web links. By clicking on these links, individuals unknowingly compromised their own security, falling right into the hands of the attackers.

The attackers’ modus operandi was to lure victims into entering personal details such as their name, address, and credit card information. To accomplish this, they designed a deceptive “update form” that purportedly came from the legitimate USPS. However, these fraudulent forms were meticulously crafted to appear genuine, catching many victims off guard.

Detection of live phishing websites

Uptycs conducted an extensive investigation and discovered more than a thousand “live phishing websites” that were masquerading as legitimate USPS portals. These websites were specifically designed to deceive unsuspecting users and obtain their sensitive information. Fortunately, Uptycs managed to block all 1,050+ indicators it identified during this investigation.

Attribution of the campaign

Based on their findings, Uptycs analysts have concluded that there is a high possibility that Chinese threat actors are organizing this phishing campaign. Although they did not provide elaborate reasoning for this attribution, Uptycs noted that servers used in the campaign were located not only in China but also in the US, Canada, Singapore, and Russia. This highlights the porous nature of borders in the digital ecosystem, making it challenging to accurately attribute cyberattacks to any specific nation or actor.

Implications

The discovery of this phishing campaign underscores the ongoing tech war between the US and China, marked by mutual suspicion and strategic competition. The involvement of Chinese threat actors in targeting a vital service like the USPS adds another dimension to this cyberattack. Moreover, the diverse geographical distribution of servers used in this campaign illustrates the global reach and complexity of modern cyber threats.

Attribution challenges and digital borders

Accurately attributing cyberattacks to specific actors or nations is a daunting task. The nature of the digital landscape allows attackers to exploit the infrastructure of various countries, making it difficult to pinpoint responsibility with certainty. As Uptycs’ investigation demonstrates, servers used in the phishing campaign span multiple countries, further blurring the lines of attribution.

Security recommendations

Given the sophistication of this phishing campaign, Uptycs advises the public to exercise caution when receiving unsolicited text messages. It is crucial to avoid clicking on suspicious links, phone numbers, or attachments contained within such messages. Instead, individuals should directly contact entities through their official websites or published contact details to verify the legitimacy of any requests.

The rise of phishing campaigns that impersonate well-known institutions like the USPS illustrates the growing threat posed by cybercriminals. The recent discovery of a phishing campaign linked to China targeting the USPS highlights the need for heightened vigilance and awareness among individuals using digital services. As governments and cybersecurity organizations continue to work together to combat cyber threats, it is essential for individuals to remain proactive in protecting their personal information and staying informed about the latest security practices.

Explore more

Can a Unified ERP System Future-Proof Levi Strauss?

Establishing a seamless digital environment for a brand that spans over a hundred nations is a monumental undertaking that requires more than just standard software updates. Currently, Levi Strauss & Co. is navigating a profound transformation of its digital infrastructure, aiming for a mid-2027 completion of a fully integrated global enterprise resource planning system. This strategic overhaul is not merely

Ethereum Faces $10 Billion Liquidation Risk Near $2,000

The current trajectory of Ethereum suggests a massive collision between aggressive retail speculation and sophisticated institutional sell-side pressure as the asset hovers near the $2,000 psychological threshold. This specific price point has historically served as a pivot for broader market sentiment, influencing the behavior of various decentralized finance protocols and secondary layer-two scaling solutions. Currently, the market exhibits a state

ClickLock Malware Coerces macOS Users to Surrender Passwords

Traditional macOS security architectures have long been celebrated for their robust sandboxing and gated execution, yet a new strain of malware is proving that the human element remains the most vulnerable entry point in any digital ecosystem. This threat, known as ClickLock, has emerged as a particularly aggressive evolution in the macOS threat landscape by prioritizing psychological pressure and social

Stalled Windows 11 Migration Poses Growing Security Risks

The global landscape of enterprise computing is currently grappling with a persistent digital divide as a significant segment of users continues to rely on Windows 10 despite the availability of more secure alternatives. The current ecosystem of digital infrastructure remains tethered to legacy architecture, with recent telemetry indicating that approximately one in six workstations worldwide continues to operate on Windows

How Is OpenAI Redefining AI With Precision Engineering?

The shift from experimental conversationalists to precise engineering tools has fundamentally altered the landscape of digital productivity and high-performance computing in 2026. This transition is marked by a move away from the early excitement surrounding generative models toward a rigorous framework centered on deep optimization and granular control. OpenAI has spearheaded this movement with the introduction of the GPT-5.6 Sol