United Parcel Service Inc. (UPS) has reported a data breach for its customers in Canada. According to the letter sent to threat analyst Brett Callow, UPS shared information regarding a sensitive data breach, which could open phishing attacks soon.
The UPS data breach letter consisted of information regarding phishing and smishing attacks and later dealt with the UPS data breach. According to the letter, UPS conducted an investigation of the UPS cyber attack, and found that the threat actor could use a loophole in the UPS package system to find delivery-related information.
This information includes the recipient’s phone number, address and other sensitive information. Using this method, an unknown individual or group found a way to exploit UPS’s website — eventually getting their hands on customers’ phone numbers.
How grave is UPS data breach?
The UPS data breach could have grave consequences, as mentioned in the letter. However, the company also assured its recipients that it has taken immediate steps to restrict access to this sensitive information.
The letter also claimed that UPS has been actively collaborating with partners in the delivery chain, as well as law enforcement agencies and third-party experts, to comprehend the mechanics of the UPS data breach, and find a solution to limit the repercussions of the attack.
The letter titled, “Fighting Phishing and Smishing – An Update from UPS” aims to spread awareness to recipients about the nature of phishing and smishing, and offered advice on protecting oneself against such fraudulent activities.
“The information available through the package look-up tools included the recipient’s name, shipment address, and potentially phone number and order number. We cannot provide you with the exact time frame that the misuse of our package look-up tools occurred. It may have affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023”, reads the letter shared by Brett Callow.
What is phishing, and how hackers can utilize UPS data breach?
Phishing refers to fraudulent emails, while smishing pertains to text messages, both of which are on the rise.
Scammers employ various tactics to convince recipients that they owe money for a package delivery, resorting to text messages and emails to solicit credit card and payment card details.
These fraudulent messages often bear a semblance of legitimacy, incorporating company brands, colors, or even legal disclaimers. It’s worth noting that these fraudulent attempts affect deliveries from multiple carriers, making it a bigger concern for UPS customers.
These hackers can utilize the UPS data breach to reach out to customers pretending to be from UPS and other affiliate parties to scam them. This is a common practice amongst most of the threat actors using phishing as a source to target victims.
UPS also urged recipients to trust their instincts and be cautious if they receive any communication that seems suspicious. They emphasized that genuine UPS texts will only originate from the SMS number 69877.
UPS data breach has already propagated into online scams
The company acknowledged that some recipients of packages had already received fraudulent text messages demanding payment before the delivery.
The company has started an internal review to assess whether the information provided by shippers was contributing to the fraudulent activity.
Understanding the potential misuse of this information by third parties, including in smishing schemes, UPS has taken immediate action to restrict access to this data. As a precautionary measure, they are notifying individuals who may have been affected by the breach.
The compromised information available through the package lookup tools includes the recipient’s name, shipment address, and potentially their phone number and order number.
The exact time frame during which the package lookup tools were misused remains uncertain. However, the company estimates that the UPS data breach may have impacted packages for a small group of shippers and their customers between February 1, 2022, and April 24, 2023.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
