--- title: "UPS SMS Phishing, Phishing Scams on the Rise, Phishing Defense Urgent – Cybersecurity News [26 June 2023] | Phish Protection" description: "Recent cyberattack instances on UPS and Meta Mask and a general rise in phishing attacks make it imperative for organizations to follow robust cybersecurity." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-26-of-2023.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-26-of-2023/" --- Quick Answer Recent cyberattack instances on UPS and Meta Mask and a general rise in \[phishing attacks\](/resources/7-most-common-phishing-attacks-and-learning-to-protect-against-them) make it imperative for organizations to follow robust \*\*cybersecurity strategies\*\*. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-26-of-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=UPS%20SMS%20Phishing%2C%20Phishing%20Scams%20on%20the%20Rise%2C%20Phishing%20Defense%20Urgent%20%26%238211%3B%20Cybersecurity%20News%20%5B26%20June%202023%5D&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-26-of-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-26-of-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-26-of-2023%2F&title=UPS%20SMS%20Phishing%2C%20Phishing%20Scams%20on%20the%20Rise%2C%20Phishing%20Defense%20Urgent%20%26%238211%3B%20Cybersecurity%20News%20%5B26%20June%202023%5D "Share on Reddit") [ ](mailto:?subject=UPS%20SMS%20Phishing%2C%20Phishing%20Scams%20on%20the%20Rise%2C%20Phishing%20Defense%20Urgent%20%26%238211%3B%20Cybersecurity%20News%20%5B26%20June%202023%5D&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-26-of-2023%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/07/office-365-phishing-protection-8021.jpg) Recent cyberattack instances on UPS and Meta Mask and a general rise in [phishing attacks](/resources/7-most-common-phishing-attacks-and-learning-to-protect-against-them) make it imperative for organizations to follow robust **cybersecurity strategies**. Multinational shipping giant UPS has been one of the latest victims of **SMS phishing** attacks, underlining enterprises’ demand for higher vigilance. It is one of the recent massive phishing attacks that sent shockwaves through the cybersecurity community. The terrifying and extended attack exposes the vulnerability of customer information. This breach also raised concern about the security of [personal data](https://www.theguardian.com/us-news/2023/mar/08/us-house-senate-members-data-leaked-for-sale) and highlighted the **urgent need** for organizations and individuals to boost their lines of defense. With phishing scams continually evolving and increasing, organizations must adopt adequate countermeasures. Besides using [anti-phishing tools](/content/anti-phishing-service/anti-phishing-tools), businesses also need **ransomware protection** to thwart malicious interventions. _The data breach targeting UPS disclosed customer information, marking increased SMS phishing attacks._ ### The SMS Phishing Attack on UPS Shipping Service The attack involved UPS customers receiving fraudulent text messages. These messages **demanded payment** before their packages were delivered. The internal review launched by UPS revealed that the threat actors had abused the organization’s package look-up tools to access customers’ shipping information. The breach occurred between[February 1, 2022, and April 24, 2023](https://heimdalsecurity.com/blog/ups-discloses-data-breach-caused-by-an-sms-phishing-campaign/). It potentially **compromised credentials** such as recipients’ names, shipment addresses, phone numbers, and order numbers. With phishing attacks expanding globally, malicious actors leverage the **personal details** of their customers to accomplish their malicious intentions. These details include customers’ addresses, phone numbers, and other details in addition to order information and price. The data breach explains the need for adequate [phishing protection](/) solutions for organizations. ![Office 365 phishing protection](https://media.mailhop.org/phishprotection/images/2023/07/office-365-phishing-protection-8021.jpg) ### With Phishing Scams on the Rise, Firms Need to Act and Adopt ‘Simple’ Cybersecurity Solutions The exponential increase in **phishing scams** points to the immediate measures enterprises must take. Phishing attacks are based on social engineering, where the culprits manipulate individuals into revealing sensitive information or downloading malware. With new attack models such as [spear phishing](/content/phishing-prevention/spear-phishing-examples) and whale phishing looking menacing, it’s time for organizations to seek adequate phishing protection. > However, Jonathan Tan, Managing Director of Trellix Asia, says that adopting ‘[simple](https://www.todayonline.com/commentary/commentary-phishing-scams-rise-firms-need-act-and-adopt-simple-cybersecurity-solutions-2199266)‘ cybersecurity solutions is the need of the hour. By simple, he means a **simple way** to manage the complex and expensive cybersecurity solutions organizations deploy. The security tools employed are all in a disconnected form, and a **fragmented approach** to security is what many follow. Though multiple cybersecurity tools are implemented, 36% CISOs (Chief Information Security Officers) believe proper and comprehensive security management based on a unified strategy using a single, **centralized system** is essential. Organizations must also educate employees and **invest in awareness** programs to combat phishing threats. Every employee should be proactive and trained to identify common [phishing indicators](https://www.alertlogic.com/blog/5-common-indicators-of-a-phishing-attempt/#:~:text=Longlining-,5%20Common%20Indicators%20of%20a%20Phishing%20Attempt,Personal%20information%20solicitation). Enterprises should also encourage them to **report** these indicators to their managers. Thus, organizations can significantly mitigate phishing attacks. Apart from **phishing SMSs** targeting UPS, organizations must stay secure from phishing emails. They must implement multi-factor authentication, robust email filters, and [advanced threat detection](https://www.sangfor.com/blog/cybersecurity/what-is-advanced-threat-detection-definition-and-tools-for-threat-hunting) tools to bolster their defense against phishing attempts. _The key to remaining secure from online attacks is cultivating a strong **cybersecurity culture** in your organization._ ### Increased Vigilance Required to Defend Against Phishing and Scam Messages Organizations and individuals need greater vigilance to combat various attack models based on phishing. Mostly, online threat actors choose different communication channels, such as emails, [SMS](https://thehackernews.com/2023/06/chinese-postalfurious-gang-strikes-uae.html), or instant messages, to execute phishing attacks. Among cybersecurity threats, phishing is one of the **most severe** to personal and financial information. While adopting adequate countermeasures, individuals must exercise caution while interacting with unfamiliar or [suspicious messages](https://www.guampdn.com/news/more-suspicious-messages-being-reported-to-guam-authorities/article%5F663a5338-828a-11ed-8009-6b71b6ff1b32.html). Besides having email phishing protection, they must also develop a **cyber-resilient culture**. _Therefore, organizations need to train their employees not to click malicious links, download suspicious attachments, or provide sensitive information without verifying the **authenticity** of the request._ You also need to use ransomware protection and anti-phishing solutions. Forward-thinking organizations use email filters capable of detecting and blocking phishing emails before they land in their employees’ inboxes. Besides, **continuous employee education** and [simulated phishing](/products/phishing-simulation) exercises can strengthen your cybersecurity posture. ### URL-Based Phishing: The Fake Meta Mask Page Among other phishing models, URL-based phishing attacks threaten global enterprises severely. Malicious actors are continuously developing **new techniques** to deceive unsuspecting individuals. The Meta Mask page used to **steal cryptocurrency wallets** and login credentials is a recent example of URL-based phishing. The popular [cryptocurrency wallet](https://thehackernews.com/2023/06/beware-new-doublefinger-loader-targets.html) and browser extension Meta Mask was the prime target for threat actors. The miscreants conspired to exploit the digital assets of customers. As a part of this scheme, users were directed to a malicious website **resembling** the legitimate Meta Mask page. Here, they were prompted to enter their private keys or passwords , allowing the perpetrators to access the victims’ cryptocurrency wallets, resulting in **financial losses**. To prevent URL-based phishing attacks, you must be cautious while clicking links from **unverified sources**. Besides, organizations should educate employees about the risks associated with URL-based phishing attacks. They can prevent employees from accessing malicious websites with robust [web filtering](https://www.tutorialspoint.com/what-is-web-filtering) and threat detection systems. ![Office 365 phishing protection](https://media.mailhop.org/phishprotection/images/2023/07/office-365-phishing-protection-8022.jpg) ### Final Words [Cyberattacks](https://therecord.media/iran-hackers-influence-operations-cyberattacks-microsoft) like the UPS data breach and Meta Mask phishing incident and an increase in SMS phishing attacks, in general, emphasize the **need for increased vigilance**. _Cybersecurity practices such as using email filters, ransomware protection, and email filters can mitigate the threat potential to a significant extent._ As mentioned earlier, a **simple and unified** management strategy to handle all [cybersecurity](/blog/) tools in a coordinated way is also vital. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"UPS SMS Phishing, Phishing Scams on the Rise, Phishing Defense Urgent – Cybersecurity News [26 June 2023]","description":"Recent cyberattack instances on UPS and Meta Mask and a general rise in phishing attacks make it imperative for organizations to follow robust cybersecurity.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-26-of-2023/","datePublished":"2023-07-04T05:14:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-07-04T05:14:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-26-of-2023/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":946,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/07/office-365-phishing-protection-8021.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"UPS SMS Phishing, Phishing Scams on the Rise, Phishing Defense Urgent – Cybersecurity News [26 June 2023]","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-26-of-2023/"}]} ```