A recent paper by Akamai, a company specializing in cybersecurity, found that over a four-month period from 2023 to 2024, suspicious domains impersonating the United States Postal Service received almost as many queries as the actual USPS. What's more, the company's conservative standards for avoiding false positives may mean that traffic to the phishing sites was in fact much higher than traffic to the actual post office.
Akamai collected one dataset of domains with malicious JavaScript and HTML code that included “usps” somewhere in the address, and a second set of domains containing “usps” in the address that led to locations outside of the Postal Service's official IP ranges. Akamai researchers noted that this method actually excludes a large number of potentially suspicious domains in order to avoid false positives.
“Our stringent parameters meant we were very conservative in our analysis,” the paper explains. “Still, we are seeing an unusual amount of malicious traffic, and the real-world impact of these spoofs is alarming.
“While we were definitely able to collect more malicious domains impersonating the USPS, it was important to avoid including false positives in this dataset.”
During the sample period from October 2023 to February 2024, Akamai observed approximately 1.13 million queries to the domains in its suspicious-domain dataset. This was just shy of the 1.18 million queries to the official USPS website. In fact, suspicious traffic significantly outnumbered legitimate queries in several weeks of the holiday season. This suggests that the holiday season is a busy time for bad actors looking to take advantage of anxious gift givers.
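The second dataset's filter and the week-by-week comparison described above can be sketched as follows. This is an added example, not Akamai's code: the log format, the function names and the "official" range (an RFC 5737 documentation block standing in for the real USPS ranges) are all assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import Counter
from datetime import date

# Placeholder for the official ranges (RFC 5737 block, NOT real USPS space).
OFFICIAL_RANGES = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed resolved-query log: (ISO date, queried name, answer IP).
SAMPLE_LOG = [
    ("2023-12-11", "www.usps.com", "192.0.2.10"),
    ("2023-12-11", "usps-redelivery.example", "203.0.113.7"),
    ("2023-12-12", "tools.usps.com", "192.0.2.11"),
    ("2023-12-13", "track-usps.example", "198.51.100.4"),
    ("2023-12-14", "usps.parcel-fee.example", "203.0.113.7"),
    ("2023-12-19", "www.usps.com", "192.0.2.10"),
    # A bare substring match also catches coincidental names like this one,
    # which is why a careful analysis needs further vetting of the hits.
    ("2023-12-20", "campuspsych.example", "198.51.100.9"),
    ("2023-12-20", "weather.example", "198.51.100.20"),
]

def classify(name, ip):
    """Return 'official', 'suspicious' or 'unrelated' for one resolved query."""
    if "usps" not in name.lower():
        return "unrelated"
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in OFFICIAL_RANGES):
        return "official"
    return "suspicious"  # "usps" in the name, answer outside official ranges

def weekly_counts(log):
    """Tally official vs suspicious queries per ISO (year, week)."""
    weeks = {}
    for day, name, ip in log:
        label = classify(name, ip)
        if label == "unrelated":
            continue
        year, week, _ = date.fromisoformat(day).isocalendar()
        weeks.setdefault((year, week), Counter())[label] += 1
    return weeks

def weeks_where_suspicious_leads(log):
    """ISO weeks in which suspicious queries outnumber official ones."""
    return sorted(week for week, c in weekly_counts(log).items()
                  if c["suspicious"] > c["official"])

if __name__ == "__main__":
    for week, counts in sorted(weekly_counts(SAMPLE_LOG).items()):
        print(week, dict(counts))
    print("suspicious leads in:", weeks_where_suspicious_leads(SAMPLE_LOG))
```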
“While this analysis showed that USPS won 51% of total queries over the past five months, the way the data was filtered suggests that malicious traffic significantly outnumbers legitimate traffic in the real world,” Akamai researchers wrote.
And that's just USPS. What about the presumably massive amount of fraudulent traffic masquerading as DHL, FedEx, and countless other private or state-run delivery services? Forget package delivery. Much of today's internet traffic consists of mass additions to Bitcoin chats on WhatsApp, “Hello Dear” cold messages, and the infamous “[redacted for public decency] IN BIO” accounts that have recently become famous on Twitter. Those undersea fiber optic cables are absolutely straining under the weight of this pointless and malicious spam.