And it's come to this

From USPS with love

I've received a message from those nice people at USPS, advising me that I have a shipment on hold. They are so kind, although I cannot for the life of me think why their notification fell into my junk mail folder.

From: =?UTF-8?B?1Y3Vj9Cg1Y8=?=<>
Subject: =?UTF-8?B?1Y3Vj9Cg1Y8gVXBkYXRlOiBQYWNrYWdlIG9uIGhvbGQ=?=

Which was rendered by my mail reader as:

ՍՏРՏ Update: Package on hold

Clearly, UTF-8 encoding has been used to insert characters that resemble U, P, and S when rendered on screen, yet are not part of the standard Latin alphabet. But I have no idea why this should be necessary. While such characters might be useful in leading an unsuspecting victim to a phishing domain—substituting Latin with Cyrillic characters, for example, so that аррІе.com can masquerade as—I can see no reason to do so in email headers.

The message itself is the bog-standard USPS phishing attack, with a button that redirects to an URL shortener/obfuscator,

<a title="Track my package (US95****21)" href="" target="_blank">Track my package (US95****21)</a>

So far, so drear. The only amusement came from the footnote.

©2022 © USPS international GmBH .Copyright . All rights reserved

I have no idea whether USPS International GmbH is a legal entity within USPS, but that's by-the-by. Aside from the obvious cack-handed errors, the short-form for the German Gesellschaft mit beschränkter Haftung is GmbH, not GmBH.

I realise that some people fall for this shit, and that's not funny. But some people will fall for almost anything, and that is funny.

I don't like USPS, and avoid them like the plague. Their international shipping costs are extortionate.