Heimdal
article featured image

Contents:

Canadian clients of international shipping company UPS are being warned that some of their personal information may have been stolen in phishing attacks after potentially being made public through its online package look-up tools.

UPS is aware that some package recipients have received fraudulent text messages demanding payment before a package can be delivered,

Brett Callow, Emsisoft Threat Analyst (Source)

Details About the Data Breach

UPS collaborated with other parties in the delivery chain to identify how threat actors were gathering shipment information from their targets after receiving the phishing reports.

Following an internal investigation, UPS discovered that between February 2022 and April 2023, the perpetrators of the ongoing SMS phishing effort used its package look-up tools to gain access to delivery information, including the receivers’ personal contact information.

In order to counter these sophisticated phishing attempts, the organization has now put in place safeguards to restrict access to this sensitive data.

ups phishing notification

UPS Data Breach Notification Letter (Source)

UPS will notify individuals whose information may have been affected to ensure transparency and awareness of the situation.

The information available through the package look-up tools included the recipient’s name, shipment address, and potentially phone number and order number.

UPS (Source)

According to online sources, these phishing attacks have affected UPS customers all over the world. The threat actors used their names, phone numbers, and postal codes, as well as information on recent orders. After seeing numerous malicious text messages believed to be sent during this campaign, BleepingComputer concluded that the threat actors are impersonating LEGO and Apple shipments, as shown below.

ups phishing messages

UPS Malicious Messages (Source)

A UPS spokesperson shared details following the incident at BleepingComputer’s initiative. According to the spokesperson, the company has been working with partners in the delivery chain to understand how that fraud was being perpetrated, as well as with law enforcement and third-party experts to identify and stop the cause of the breach.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Cristian Neagu

CONTENT EDITOR

linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE