From USPS with love
I've received a message from those nice people at USPS, advising me that I have a shipment on hold. They are so kind, although I cannot for the life of me think why their notification fell into my junk mail folder.
From: =?UTF-8?B?1Y3Vj9Cg1Y8=?=<no-reply@hjkilano.com> Subject: =?UTF-8?B?1Y3Vj9Cg1Y8gVXBkYXRlOiBQYWNrYWdlIG9uIGhvbGQ=?=
Which was rendered by my mail reader as:
ՍՏРՏ ՍՏРՏ Update: Package on hold
Clearly, UTF-8 encoding has been used to insert characters that resemble U
, P
, and S
when rendered on screen, yet are not part of the standard Latin alphabet. But I have no idea why this should be necessary. While such characters might be useful in leading an unsuspecting victim to a phishing domain—substituting Latin with Cyrillic characters, for example, so that аррІе.com can masquerade as apple.com—I can see no reason to do so in email headers.
The message itself is the bog-standard USPS
phishing attack, with a button that redirects to an URL shortener/obfuscator, bit.do.
<a title="Track my package (US95****21)" href="http://www.google.com/url?q=http://bit.do/fUvhb&sa=D&sntz=1&usg=AOvVaw2QGedgXwE6HvlnAdil_Ym0" target="_blank">Track my package (US95****21)</a>
So far, so drear. The only amusement came from the footnote.
©2022 © USPS international GmBH .Copyright . All rights reserved
I have no idea whether USPS International GmbH is a legal entity within USPS, but that's by-the-by. Aside from the obvious cack-handed errors, the short-form for the German Gesellschaft mit beschränkter Haftung is GmbH, not GmBH.
I realise that some people fall for this shit, and that's not funny. But some people will fall for almost anything, and that is funny.
I don't like USPS, and avoid them like the plague. Their international shipping costs are extortionate.