Amid record-breaking Black Friday and Cyber Monday e-shopping, Check Point researchers urge holiday shoppers anticipating package deliveries to watch out for delivery scams. Hackers are impersonating Amazon, DHL and FedEx by sending “Track your Shipment” or “Delivery Issue” emails to trick holiday shoppers into giving up their personal details for financial fraud.
· 440% global increase in shipping-related phishing emails in November, compared to October.
· DHL is the most imitated brand globally, making up 56% of the total volume of shipping-related phishing emails, followed by Amazon at 37% and FedEx at 7%.
· Check Point researchers provide shipping scam numbers by region: Europe, USA and APAC
o APAC: 185% increase in delivery phishing emails, with 65% of the total phishing emails being DHL fakes.
Security researchers at Check Point are warning Black Friday and
Cyber Monday shoppers of surges in email phishing campaigns where hackers
impersonate trusted delivery vendors, like Amazon, DHL and FedEx, to commit
financial fraud. The emails are designed to trick recipients into disclosing
their personal details by using message guises of “Delivery Issue” or “Track
your Shipment”. Hackers are timing these email phishing campaigns to coincide
with the anticipation of package deliveries from online shoppers who made
purchases during this Thanksgiving holiday shopping season, where
Hackers are targeting both the before and after sides of the online purchasing experience. Two weeks ago, Check Point researchers documented an 80% increase in malicious phishing campaigns targeting online shoppers in the form of “special offers”, urging shoppers to be wary of “too good to be true” bargains found online. In fact, 1 out of every 826 emails delivered to users worldwide is a malicious phishing email, whereas the ratio at the beginning of October was 1 out of more than 11, marking a 13x increase.
440% Global Increase
In the month of November, Check Point researchers documented a 440% global increase in shipping-related phishing emails, compared to October. Emails impersonating DHL made up 56% of the total volume of shipping-related phishing emails, followed by Amazon at 37%, and FedEx at 7%.
Numbers by Region: Europe, USA and APAC
Europe
Europe topped the list in terms of total number of phishing emails. The numbers grew over four times (401%) compared to October. 77% of these emails in November were fake DHL mails.
USA
In the US, the increase was similar (427%) comparing November to October. The leading impersonated brand was Amazon, with 65% of all phishing emails impersonating different Amazon shipping-related notifications.
Asia Pacific (APAC)
APAC showed a more moderate, though significant, increase (185%) with DHL accumulating almost 65% of the total phishing emails.
Figure 2. Shipping Related Email Phishing: Amount by Region
Quote: Sundar N Balasubramanian, Managing Director, India & SAARC, Check Point Software Technologies
“Hackers are going after the entire online shopping experience, before and after you purchase. First, hackers will send you “special offers” to your inbox from your favorite brands. Then, hackers will send an email about the delivery of your purchase, even if you bought from a trusted source. Now that Black Friday and Cyber Monday are over, we’re turning towards the other side of the equation, which is deliveries.
Think twice as you open up any post-purchase emails this holiday season. The email could be from a hacker. Take a closer look at any email that alleges they are from Amazon, DHL or FedEx. Watch for misspellings. Beware of Lookalike Domains. It’s clear to us that hackers are targeting online shoppers at every step of the online shopping experience, where the danger is very real before and after you make a purchase.”
How to Protect Against Phishing Scams
- Never share your credentials: Credential theft is a common goal of cyberattacks. Many people reuse the same usernames and passwords across many different accounts, so stealing the credentials for a single account is likely to give an attacker access to a number of the user’s online accounts. Never share your account credentials and do not re-use passwords.
- Always be suspicious of password reset emails: If you receive an unsolicited password reset email, always visit the website directly (don’t click on embedded links) and change your password to something different on that site (and any other sites with the same password). By clicking on a link, you can reset the password to that account to something new. Not knowing your password is, of course, also the problem that cybercriminals face when trying to gain access to your online accounts. By sending a fake password reset email that directs you to a lookalike phishing site, they can convince you to type in your account credentials and steal them.
- Verify you are using a URL from an authentic website: One way to do this is not to click on links in emails, and instead click on the link from the Google results page after searching for it.
- Beware of lookalike domains: spelling errors in emails or websites, and unfamiliar email senders.
- Always note the language in the email: Social engineering techniques are designed to take advantage of human nature. This includes the fact that people are more likely to make mistakes when they are in a hurry and are inclined to follow the orders of people in positions of authority. Phishing attacks commonly use these techniques to convince their targets to ignore their potential suspicions about an email and click on a link or open an attachment.
- Watch for misspellings: Beware of misspellings or sites using a different top-level domain. For example, a .co instead of .com. Deals on these copycat sites may look just as attractive as on the real site, but this is how hackers fool consumers into giving up their data.
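The lookalike-domain and misspelling checks in the list above can be automated for sender addresses and links before a message reaches a user. The following Python example is added here and is not Check Point's code; the brand allowlist, the digit substitution map, the category names and the sample values are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist for this example: one registrable domain per brand named above.
BRAND_DOMAINS = ("amazon.com", "dhl.com", "fedex.com")
# Assumed digit-for-letter substitutions to undo before comparing names.
HOMOGLYPHS = str.maketrans("013", "ole")

def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(value):
    """Lowercase host from a URL ("https://...") or a sender address."""
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return value.rsplit("@", 1)[-1].strip("<> ").lower()

def classify(value):
    """Return 'brand', 'unrelated', or the reason the host resembles a brand."""
    host = host_of(value)
    if any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS):
        return "brand"  # the allowlisted domain itself or a true subdomain of it
    labels = host.split(".")
    tokens = host.translate(HOMOGLYPHS).replace("-", ".").split(".")
    for domain in BRAND_DOMAINS:
        name, tld = domain.split(".")
        if len(labels) >= 2 and labels[-2] == name and labels[-1] != tld:
            return "tld-swap"  # same name, different top-level domain (.co vs .com)
        if any(name in t for t in tokens):
            return "brand-in-name"  # brand string inside another party's domain
        if len(name) >= 5 and any(edit_distance(t, name) == 1 for t in tokens):
            return "misspelling"  # one character away from the brand name
    return "unrelated"

# Constructed sample senders and links (reserved .example names, not real data).
SAMPLES = (
    "DHL Express <noreply@dhl.com>", "https://track.fedex.com/status?id=1",
    "https://dhl.example/track", "support@amaz0n-shipping.example",
    "https://amazon.com.parcel-check.example/login",
    "billing@fedx.example", "newsletter@bookshop.example",
)
RESULTS = {s: classify(s) for s in SAMPLES}
```

Anything that is not classified as "brand" or "unrelated" is a candidate for quarantine or a warning banner; short brand names such as "dhl" are excluded from the one-character misspelling test because too many ordinary words fall within that distance.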
Examples caught by Check Point Researchers
- Amazon Impersonation Email in Japan
- DHL Impersonation in USA
- FedEx Impersonation in Israel
- Impersonation of Amazon in Italy
- DHL Express Impersonation in Austria
- DHL Impersonation in Greece