|
|
|
|
|
|
by waselighis
1098 days ago
|
|
|
My best guess would be a compromise of a 3rd party service that acts as an intermediary for UPS (and possibly other shipping providers) and serves Canadian businesses. Another possibility is, again, a 3rd party which collects data for businesses for marketing and analytics purposes, wherein the businesses are feeding the shipping info to these 3rd parties. Or maybe a 3rd party which sends out emails or texts containing the shipping info... It seems unlikely that UPS itself was compromised considering they're unable to determine how the phishers are acquiring the shipping info in the first place, especially given this phishing campaign ran for over two years. |
|
|