A new SMS-based phishing (“smishing”) campaign is using the United States Postal Service (USPS) as a disguise to target mobile users.
On September 15, SlickRockWeb CEO Eric JN Eliason tweeted out two examples of the operation.
Both attack SMS messages claimed to contain important information about a USPS package. Using that lure, they attempted to trick the recipient into clicking on a link containing the domain “m9sxv[.]info.”