Hybrid fraud workflows leverage vacant residential properties and postal redirection services to intercept sensitive mail
Summary
Hide ▲
Show ▼
Cybercriminals are combining open-source intelligence, real estate data, and postal redirection services to identify vacant residential properties and intercept sensitive mail for identity theft and financial fraud. Threat actors exploit legitimate digitalized postal services such as USPS Informed Delivery and Change of Address (COA) mechanisms to monitor and redirect mail without direct physical presence. The technique integrates with broader fraud ecosystems, including fake identities and Credit Privacy Numbers (CPNs), to establish persistent access to victims’ correspondence. Fraud operations increasingly blend digital reconnaissance with physical-world manipulation, leveraging vacant properties as drop addresses to scale identity-based fraud while evading traditional detection methods.
Timeline
-
02.04.2026 17:01 1 articles · 2h ago
Mail interception via vacant property drop addresses and postal redirection abuse escalates
Threat actors operationalize a hybrid fraud model combining real estate data, digitalized postal services, and fake identities to intercept mail from vacant properties. The workflow includes identifying unoccupied addresses, monitoring mail via services like USPS Informed Delivery, submitting Change of Address (COA) requests, and establishing mail forwarding under fabricated identities. This method enables persistent access to sensitive documents, bridging digital compromise with physical-world fraud and complicating detection across independent systems.
Show sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01
Information Snippets
-
Threat actors search real estate platforms (e.g., Zillow, Rightmove, Zoopla) to identify recently listed rental properties or long-vacant homes as drop addresses.
First reported: 02.04.2026 17:011 source, 1 articleShow sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01
-
Legitimate postal services like USPS Informed Delivery and Change of Address (COA) requests are abused to monitor and redirect mail remotely, including financial documents and authentication materials.
First reported: 02.04.2026 17:011 source, 1 articleShow sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01
-
Mail forwarding services are registered using fake identities or fabricated personal data (e.g., Credit Privacy Numbers) to establish long-term access to intercepted mail.
First reported: 02.04.2026 17:011 source, 1 articleShow sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01
-
U.S. Postal Inspection Service data shows a 139% increase in mail theft from receptacles between 2019 and 2023, with theft linked to hundreds of millions of dollars in suspicious activity, including check fraud.
First reported: 02.04.2026 17:011 source, 1 articleShow sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01
-
Change-of-address fraud has risen sharply year-over-year, indicating systemic abuse of postal redirection services.
First reported: 02.04.2026 17:011 source, 1 articleShow sources
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime — www.bleepingcomputer.com — 02.04.2026 17:01