USPS Slammed for Security Flaw That Scammers Love—Is Your Mail in Danger?

Our mail generally is a gold mine for criminals, as it will possibly assist them get their arms on some fairly vital issues, from our private data to chilly, exhausting money. The U.S. Postal Service (USPS) has lengthy warned concerning the many mail schemes scammers may attempt to use, together with faux emails and unsolicited texts. However now the USPS itself is being blamed for a safety flaw that is also placing clients in hurt’s method. Learn on to seek out out in case your mail could also be at risk.

READ THIS NEXT: USPS Is “Holding Mail Hostage,” Clients Say in New Complaints.


When you plan to maneuver quickly, you’ll be able to file a Change of Tackle (COA) request with the USPS to get your mail rerouted to your new place. However you is probably not the one one making an attempt to make the most of that.

An April 2022 report from the USPS Workplace of the Inspector Basic (OIG) found that fraud surrounding the company’s change of tackle course of has been rising considerably. There have been greater than 23,600 instances of fraudulent on-line COA requests and tried identification theft in 2021, in accordance with the report. That may be a 167 % bounce from 2020, when simply 8,857 instances have been reported.

Scott Shackelford, the director for Indiana College’s cyber safety program, informed CBS-affiliate WTTK in Indianapolis that the rise in COA fraud coincided with an general enhance in cybercrime in the course of the COVID pandemic.

“My guess is what we’re seeing in these knowledge is only one side of this a lot larger pattern that sadly has been occurring for a number of years now,” he mentioned.


Tacoma resident Travis Palmer is one in every of many who had his mailing tackle modified by a scammer, CBS-affiliate KIRO in Seattle reported in Oct. 2022. Travis’ mom, Carra Palmer, informed the information outlet that the rip-off had left Travis with out among the important gear he wants for his uncommon metabolic dysfunction.

“It has been a nightmare,” Carra mentioned.

A former Microsoft govt confronted an analogous state of affairs final fall as nicely, TechCrunch reported. The previous govt, who was not named, informed the information outlet that somebody had filed a COA kind in his title at a put up workplace in Nov. 2022. This fast scheme allowed scammers to achieve entry to his mail and his funds.

In truth, a letter from one in every of his banks confirmed that it had made the fraudulent tackle change in its programs “on account of knowledge obtained from the US Postal Service (USPS) indicating that an tackle change had occurred,” TechCrunch reported.

The previous Microsoft govt informed the information outlet that it took him weeks to return his accounts and get his appropriate dwelling tackle again on file.

For extra up-to-date data, join our
every day e-newsletter.

USPS United States Post Office location at L'Enfant Plaza underground shops in southwest DC

The USPS processed practically 36 million COA requests in 2021 alone, the OIG experiences. This may be accomplished by both submitting a request on-line or submitting an in-person paper kind. When utilizing the web COA kind, clients do need to pay a safety charge.

“To your safety, we have to confirm your identification utilizing a legitimate credit score or debit card. You may be charged $1.10 for this service,” the USPS states on its web site.

However a loophole could enable scammers to file PS Kind 3575, which is the paper request, with out offering proof of identification. This COA kind needs to be requested in-person at a put up workplace, and as soon as somebody fills it out with their title, previous tackle, new tackle, and the way lengthy they need to reroute their mail, all they need to do is hand it again to a postal employee or drop it within the facility’s letter mail slot, TechCrunch reported.

If they are not requested to confirm their identification, there isn’t a paper path, as there may be “no charge required” to file a change of tackle on the put up workplace, in accordance with the USPS.

As TechCrunch notes, though there’s a warning on the shape that filling it out with false data might result in felony costs, the USPS would not supply any assurance that it is checking the identification of the particular person submitting the COA kind. Critics say that makes all of it too straightforward for scammers to reroute individuals’s mail, after which steal every little thing from bank cards to checking account data.

Side view of beautiful Old Brick Post office building in Hartline Washington. Blue US mail box. Small town Hartline has a population of 146. Located between Spokane and Wenatchee.

Greatest Life reached out to the USPS concerning the alleged COA flaw, however has not but heard again. These should not essentially new issues, nonetheless.

In a 2018 audit report, the OIG expressed issues concerning the company’s identification verification insurance policies for its COA service. “The Postal Service lacks a management requiring clients to current a government-issued type of identification for overview when submitting a hardcopy COA request at a retail facility or to their letter provider,” the report concluded.

On account of this audit, USPS OIG spokesperson Invoice Triplett informed TechCrunch that the USPS “supplied documentation demonstrating gross sales associates require identification to course of change of tackle requests in particular person.”

However when requested if the company is definitely imposing this coverage, the OIG spokesperson mentioned that “as soon as we shut a suggestion based mostly on supporting documentation supplied by the Postal Service, we don’t full follow-up work to verify whether or not they proceed to implement it.”

Leave a Reply

Your email address will not be published. Required fields are marked *

close button