Check Point Research reports that in November, the number of phishing emails written on behalf of delivery services increased by 440% compared to October.The sharpest growth was noted in Europe, with North America and the Asia-Pacific region in second and third places respectively in the number of phishing campaigns. Most often (in 56% of cases) fraudsters sent letters on behalf of DHL. In second place is Amazon (37%), in third – FedEx (7%).
Back in early November, the US Centers for Disease Control and Prevention warned of the dangers of shopping malls during the holidays and recommended shopping online. As a result, the volume of online shopping in the country continues to break all records. In the first ten days of November, the holiday season, Americans spent $21.7 billion on online purchases, a 21% increase over last year. Shoppers will spend $38 billion over the 2020 Thanksgiving holiday weekend, nearly doubling the amount that was spent during the same period in 2019, according to DC360.
However, it’s not just stores that are preparing for the online shopping boom – the attackers are also mobilizing forces to earn on the holiday hype. Number of phishing attacks has doubled recently.
Now, in addition to fake discount offers and links to store sites, they are increasingly sending phishing emails on behalf of delivery services.
Unlike ordinary phishing emails, with the help of which scammers try to get personal data, information to enter the personal account of an online bank or card data, emails on behalf of delivery services contain various fake messages about problems or offers to track the package.
To solve a problem or in order to use the service, user must provide personal data or bank card details. It is no coincidence that scammers started sending out such letters in November, experts say, since this month many buyers of online stores are waiting for their purchases and more often pay attention to messages from delivery services. In addition, many users are already aware of the old methods of fraudulent sales, and traditional “bargains” no longer contribute to income of criminals.
Check Point Expert Tips for Safe Shopping:
- For different sites, use unique non-duplicate logins and passwords, go to the site not using a link from a letter that may turn out to be phishing, but open it through a search engine.
- Particular attention should be paid to the language and errors in letters and domain names: for example, attackers can use the .co extension instead of .com or make typos in the letter itself.
Let me remind you also that cybercriminals started using Google services more often in phishing campaigns.