HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

Scammers Pose as Document Delivery Services to Harvest Personal Data via Phone Voicemails

Scammers leave legal‑sounding voicemails claiming to be from a document delivery service and demand a callback to collect personal or payment information. Losses of $100‑$500 have been reported, highlighting the need for robust Security Awareness Training as part of SOC 2 readiness.

LiveThreat™ Intelligence · 📅 June 23, 2026· 📰 malwarebytes.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
malwarebytes.com

Document Delivery Scams Use Legal‑Sounding Voicemails to Harvest Personal Data

What Happened — Scammers are leaving voicemail messages that claim to be from a “document delivery service” and threaten legal action unless the recipient calls a toll‑free number. The call is designed to scare victims into providing personal or payment information. Reported losses range from $100 to $500.

Why It Matters for Compliance & Audit Readiness

  • The scenario mirrors a classic phishing/social‑engineering attack that tests the effectiveness of your Security Awareness Training program, a core SOC 2 CC6.1 control.
  • Documented training completion and simulated‑phishing results provide audit‑ready evidence that your organization mitigates credential‑theft risk.
  • Continuous monitoring of user‑reporting metrics helps demonstrate due diligence during a SOC 2 audit.

Who Is Affected — Consumers and employees across all sectors; particularly high‑risk groups such as legal, finance, and healthcare professionals who are often targeted for personal data.

Recommended Actions

  • Update your security awareness curriculum with examples of “document delivery” scams and conduct a phishing simulation that mimics the voicemail script.
  • Enforce a policy that all requests for personal or payment information must be verified through an independent channel.
  • Log and review any reported suspicious calls as part of your incident‑response evidence collection. Source: https://www.malwarebytes.com/blog/scams/2026/06/document-delivery-scams-what-are-they-and-whats-their-goal

Technical Notes — Attack vector: phone‑based social engineering (voice phishing). No CVEs; the scam leverages caller‑ID spoofing and legal‑jargon to create urgency. Data sought includes name, address, and payment details. Source: https://www.malwarebytes.com/blog/scams/2026/06/document-delivery-scams-what-are-they-and-whats-their-goal

📰 Original Source
https://www.malwarebytes.com/blog/scams/2026/06/document-delivery-scams-what-are-they-and-whats-their-goal

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Security Awareness

Phishing and social engineering are a people-and-policy problem.

The Verisq AI Trust Operations platform pairs Security Awareness Training with policy adoption tracking, so human-risk controls are documented and audit-ready.

Explore the Verisq AI Trust Operations platform →