https://archive.ph/Mwf7e
It seems likely that this is someone on the inside at AT&T is selling tracking numbers to rings of thieves.
I suspect it may be bigger than this. Whether FedEx or UPS delivers a package to me, the same porch pirate from a state away is parked off the highway in front of my place. If I scope him from the house, he is leaning back and waiting for the truck. If he sees me going to confront him he puts his chair back all the way and pretends to be asleep even if I bang on his car. He always leaves before the sheriff or troopers get here. Anyway... He always knows if a delivery is over a few hundred dollars. If I had to guess there is likely a middle party that is leaking data to small crime syndicates. Maybe someone here knows what 3rd parties are involved in logistics to these delivery companies.
Given the hint that the porch thief may know the value of the contents, regardless of whether it's FedEx or UPS, it makes me wonder whether the source of the leak may be some kind of parcel-contents insurance provider used by both companies.
Or hackers can access AT&T systems, or access the DHL system using AT&T credentials?
Or perhaps there is a compromised subcontractor in the chain between the customer, AT&T and DHL...
It's strange, here in Norway I usually get phishing attempts of the "check your parcel" variety around the time something is on its way with DHL from another country. I guess they have someone on the inside that supplies the tracking numbers.
Same in Sweden and not only for DHL. Not sure if it's someone on the inside or a leak being exploited, I have experienced it only twice while my partner often gets those SMS with suspicious links after an online purchase.
> For other types of goods, the shipper typically decides whether to offer a signature option, which costs the shipper around $7.15 extra per delivery.
Well, as counterintuitive as this is... this is typical beancountering in action. AT&T says it ships "tens of thousands" of packages a day, so let's assume 50k packages. That's about 357.000 $ a day they would have to pay extra to FedEx... assuming 500$ unit cost, AT&T can have 714 phones a day stolen and still be net zero.
But that calculation only holds up because pure financial beancountering ignores associated costs: customers aren't happy when they have to wait for another package (that might get stolen as well) and each stolen phone supplies criminals with about 300$ if it gets shipped to China for being parted out - criminal activity by organized gangs is a cost that society bears in the end.
In the UK I've never had an iPhone (or anything from Apple) delivered without signature and the courier taking a photo of it in-hand. I wonder if that levy doesn't happen here.
"Porch Pirates" sounds too cute. I immediately started imagining an animated children's TV series.