Over the past few weeks, we filled you in on many great Black Friday and Cyber Monday deals. Because of that, we feel we should also warn you about a phishing attack attached to online shopping. There are new shipping-related phishing attacks that send emails that look like they’re from DHL, Amazon, or FedEx, yet have a goal to steal your information.
Hackers Prey on Holiday Shopping Season
There were many great deals on laptops, smart TVs, smart speakers, robot vacuums, etc. Many of us took advantage of the deals. Additionally, because of the global health crisis, more people than usual are choosing to do their shopping online rather than in brick-and-mortar stores.
However, hackers were privy to these deals as well. They set up an email phishing attack designed to make you think you are receiving an email about your upcoming shipment. Many times the emails are carrying the message of “Delivery Issue” or “Track Your Shipment.”
The hackers could be hitting the mother lode. United States consumers spent $9 billion online on Black Friday, a figure up 21.6 percent over last year.
CheckPoint security researchers warned that this led to a 440 percent global increase in shipping-related phishing attacks in November compared to the month before.
DHL is the brand most imitated globally. Up to 56 percent of the total volume of shipping-related phishing emails are imitating DHL, with 37 percent imitating Amazon, and 7 percent imitating FedEx. The U.S. saw a 427 percent increase in shipping-related phishing emails, mostly imitating Amazon; Europe saw a 401 percent increase, mostly imitating DHL; and Asia Pacific saw a 185 percent increase, mostly imitating DHL.
Shipping-Related Phishing Attacks
Hackers aren’t just targeting consumers – they are also attempting to take advantage of the shippers who are overloaded with work delivering all these extra purchases. Check Point researchers noted a systematic operation with hackers targeting the entire online shopping ecosystem.
While typical phishing emails have the goal of convincing recipients to supply personal details, credit card information, or bank account credentials, these new phishing emails are impersonating shipping vendors to convince the recipients to submit the same information. Check Point believes hackers are assuming recipients aren’t as wary of opening shipping-related emails.
To Avoid Phishing Scams:
- Never share credentials, such as usernames and passwords.
- Be suspicious of emails asking you to reset your password.
- Verify you are using an authentic URL.
- Beaware of domains that look like the ones you use but are slightly different.
- Pay attention to the language used in the emails before you act on them.
- Watch for misspellings and bad grammar.
While diligently combing over emails, looking for shipping-related phishing attacks, don’t let your guard down regarding other phishing scams. Read on to learn how to combat cell phone phishing scams and how to recognize a phishing site and what to do if you gave away your credentials.
Our latest tutorials delivered straight to your inbox
