Techly NewsGet the app

Get the latest tech news

Malicious PDF Links Hidden in Text Message Scam Impersonating US Postal Service


SC World reports: A new phishing scam targeting mobile devices was observed using a "never-before-seen" obfuscation method to hide links to spoofed United States Postal Service (USPS) pages inside PDF files, [mobile security company] Zimperium reported Monday. The method manipulates elements of ...

The method manipulates elements of the Portable Document Format (PDF) to make clickable URLs appear invisible to both the user and mobile security systems, which would normally extract links from PDFs by searching for the "/URI" tag. The attackers send the malicious PDFs via SMS text messages under the guise of providing instructions to retrieve a USPS package that failed to deliver... The phishing websites first displays a form for the victim provide their mailing address, email address and telephone number, and then asks for credit card information to pay a $0.30 "service fee" for redelivery of the supposed package... Zimperium identified more than 20 versions of the malicious PDF files and 630 phishing pages associated with the scam operation.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of postal service

postal service

Photo of malicious pdf links

malicious pdf links

Photo of text message scam

text message scam

Related news:

News photo

Postal Service's Plan To Electrify Mail Trucks Falling Far Short of Its Goal

News photo

Swiss cheesed off as postal service used to spread malware

News photo

US Postal Service Warns Rural Mail Carriers: Don't Publicly Blame Delays on Amazon

« Delaware’s IT Infrastructure is on the Brink—A Warning for State Governments Everywhere
U.S. investigates whether DeepSeek smuggled Nvidia AI GPUs via Singapore | Nvidia denies wrongdoing, but Singapore now accounts for 22% of its revenue. »