It amazes me that people fall for shot-in-the-dark e-mail scams like this (they must, or scammers wouldn't still be doing them).
I mean, yeah, they have to get lucky to match your actual current circumstances (ie, you're really waiting for a USPS package right now, or you are a customer of the bank they randomly guessed when generating the scam message), but even if that occurs...
I'm just stunned that there are so many people out there who blindly go "oh yeah, it must be them, how else would they know?" and proceed straight to the scammer through that e-mail link to dump info (or unknowingly download malware). It's absolutely insane to me.
If it's really your company, then your thought process should be... thanks for the heads up, I'll just go to your actual official site that's in no way attached to this e-mail to check my account or tracking number or whatever.
There's a shocking number of people who are unfathomably tech illiterate, to the point that they can't recognize things like this. At work, I'll ask people what page they're referring to on our web site, and you'd be shocked and dismayed by how many people say things like "I was on google."
I legit wish I could teach a class on just the ABCs of digital security, especially for elderly people.
Hell yes, the USPS is one of the few organizations that is straightforward and doesn't include those kind of fake pleasantries like for profit businesses do.
I've gotten 8 of these texts in the last 9 days. Every single one has a different URL. Out of curiosity I clicked on one of the links and chrome detected Chinese on the page but I couldn't see it anywhere.
Shouldn't be that risky, browser exploits are rare nowadays. They'll get your IP but there isn't much a scammer can do with that especially if it's a mobile data IP.
That doesn't seem that far-fetched. Half the places ask for a phone number along with your shipping information. If you try not to provide one, they say your address is incomplete.