Watch out for fake package delivery messages
You’re busy trying to meet deadlines. An email pops up with a package delivery notice, you quickly review it and click the link asking for more information. That’s all it takes to install malware on your computer. Even with all the pressure on us these days, we can’t let our guard down.
Hackers are using package delivery messages to steal your money and/or identity.
Please review this very brief article for tips on how to avoid becoming a victim.
Never click on links (or download files) from emails you are not expecting. If the email claims to come from a vendor you use, then open a browser and manually type in the address of the vendor and login. Do not cut and paste the address from the email.
You’re probably busy this time of year. In addition to projects that need to be finished before the year is out, we also feel the pressure to get our holiday shopping done. Fortunately, we have online options to order gifts and have them delivered directly to our door. And most delivery services will even send a message to let us know when they arrive.
Unfortunately, hackers have jumped on this opportunity and are sending out fake delivery notices.
What you need to know:
- Delivery notices are an easy avenue of attack because you may legitimately receive delivery notices which you are not expecting, say for gifts from someone else.
- Researchers at cybersecurity company Check Point say there’s been an over 440% increase in shipping-related phishing emails over the past month.
- More than 25% or American workers are still falling for phishing emails.
- DHL was the most spoofed company in November, comprising 56% of all such phishing emails, followed by Amazon with 37%, and FedEx with 7%.
How the attacks work (and how to protect yourself):
- The email may prompt you to log into your account to verify the delivery. Never log into an account with a link from an email.
Open a browser and enter the address of the site manually. Then log in. If there is a problem with your account, the details will be available there.
- The email may indicate a problem with the delivery and prompt you to download a file containing details.
Never download a file from an email when you can’t verify the sender and/or are not expecting it.
- The email may prompt you for additional payment “to finish processing the delivery”.
Again, contact the shipper directly through a separate browser.
It’s the holidays. Hackers are taking time off too, right?
No. In fact, they are ramping up efforts during these times knowing that you may be distracted and an easier target now.
I ordered something from Amazon, and I’ve received a delivery notice from Amazon so it’s OK to open it, right?
The phishing emails are coming branded as the most popular delivery services and/or online stores so that they hit the largest target of users. You need to be especially vigilant with emails from the popular sites.
The email came from Nordstrom.com so it’s safe.
No. Emails can be spoofed to look like they are coming from any address the hacker enters.
If you have questions about this, please let us know and we will be happy to assist you.