That email about your delivery could be fake: Phishing scammers increase their attack on online shoppers
There’s been a huge rise in one particular form of phishing attack as cyber criminals look to exploit the combination of the holiday season shopping rush and the move to shopping online.
More online shopping means people are receiving more emails about the shipment and delivery of their orders, and cyber criminals are actively looking to take advantage of this with phishing emails impersonating internationally-known shipping companies. And while these campaigns predominantly target consumers, they're dangerous to businesses too.
Researchers at cybersecurity company Check Point say there's been an increase of over 440 per cent in shipping-related phishing emails over the last month. There's been a spike in these attacks around the world, with Europe seeing the biggest surge, followed by North America and the Asia Pacific region.
The emails are designed to look like they come from shipping companies and retailers and feature messages claiming that there’s been a “delivery issue” or urging users to “track your shipment”.
Shoppers who’ve ordered items online are likely to be concerned about any potential problems around delivery so could easily open the emails and end up falling victim to cyber criminals.
In some cases, the phishing emails – which have all the appropriate branding of the delivery firm they’re mimicking – will claim that potential victims need to make an additional payment to secure their item, directing them to a page which is used to steal their personal information, including name, address and credit card details.
Malicious hackers can either use the stolen financial data and other personal information directly to commit fraud and raid bank accounts themselves, or sell the stolen details on to other cyber criminals on underground forums.
Alternatively, cyber attackers design phishing emails which ask users to click on a link to log in to their account to solve an issue. This malicious link directs victims to a fake version of the delivery company's web page which sends the email address and password to the attacker.
Once again, cyber criminals can either exploit this themselves by raiding accounts and harvesting personal details, or sell the credentials on to other users on the dark web.
While it may first appear that this form of phishing attack is predominantly a risk to consumers, some people could have online shopping accounts tied to their corporate email addresses, and use the same passwords, something which is a very bad idea.
That means malicious hackers could potentially use these attacks as a gateway to gaining entry to corporate networks – something that could be much more lucrative than stealing bank account information.
“These phishing campaigns are a risk to businesses as well as consumers, as people may share passwords or other credentials across both personal and work-related accounts and inadvertently give them away,” Ian Porteous, regional director for security engineering at Check Point, told ZDNet.
“It only takes a few moments of inattention for a user to be tricked by these scams – especially as they play on people’s expectations of receiving goods they may have ordered – and given the large numbers of people still working from home, this is exactly what hackers are relying on. For them, it’s just a numbers game to try and steal as much sensitive data as they can,” he added.
To help protect against shipping email and other phishing attacks, users are urged to be suspicious of unexpected messages, particularly those that convey a sense of urgency, as this is a common psychological trick used by cyber criminals.
If users are concerned that a request could be legitimate, they shouldn't follow links in the email, but should instead visit the retailer or shipping company's page directly.