Cybercriminals Set Their Sights on Home Deliveries

The Coronavirus Pandemic Has Impacted All Aspects of Life - And the Delivery Services Industry is No Exception. Here's What's Happening with Cybercrime and Home Deliveries Right Now…

Cybercriminals Set Their Sights on Home Deliveries

The Coronavirus Pandemic Has Impacted All Aspects of Life – And the Delivery Services Industry is No Exception. Here’s What’s Happening with Cybercrime and Home Deliveries Right Now…

Unfortunately, transport flows between countries are disrupted as the coronavirus pandemic continues. There’s a shortage of cargo planes – all while demand for various items, and online shopping in general, has skyrocketed. As a result, transit times are taking longer than ever, with customers receiving messages from couriers regarding delays, updated shipping statuses, and finally, alerts about deliveries.

As Usual, Cybercriminals Are Taking Advantage of the Current Circumstances – Targeting Online Shoppers with Phishing Emails.

Cybercriminals have always been known to take advantage of current circumstances regarding news, trends, and overall, what’s happening around them in the world. Right now, they’re taking advantage of online shoppers – those ordering groceries, packages, and ultimately, anything from the internet. Cybercriminals are well aware of the constant messages we’re used to receiving right now from couriers.

How does it work?

The attacker poses as a delivery service organization via email – creating a phony email address, and in some cases, a domain that looks similar to the legitimate organization. They target those waiting on some sort of home delivery with a message that includes an attachment or link:

  • An email requesting you to pay extra delivery and/or customs fees for an item to be released to you.
  • An email requesting you to click on a link, read, and confirm the information in the file before receiving a package.
  • An email stating that a parcel cannot be delivered in person due to social distancing so the recipient must come to the address in the attached file to pick up.

In many cases, the attacker mentions COVID-19 to gain attention – referencing quarantines and the rapid spread of the pandemic as a reason for delays or updated shipping notifications.

What is the goal?

Cybercriminals are ramping up their efforts to achieve one of the following goals:

  • Making a financial profit from “extra delivery and/or customs fees” that are charged to the victim.
  • Enticing the victim to click on a link or download a file that contains malware to steal data and/or hold the victim ransom.

What Can You Do to Stay Safe Against the Evolving Threat of Home-Delivery Phishing Emails?

For those who are ordering online more than ever, it’s essential to be aware of the threat. Here are our recommendations for staying safe:

  1. Pay attention to the email address: If the message comes from a suspicious-looking domain or contains a random set of characters in the mailbox name, it’s most likely not the legitimate organization.
  2. Look for spelling and/or grammar errors: A legitimate organization will always double or triple check their spelling and grammar before hitting send – a cybercriminal will not. Always be on the lookout for errors.
  3. Don’t open attachments or click links: Even if there’s an update on the shipment, don’t open attachments or click links. Instead, go to the courier’s website and create an account.
  4. Be extra careful with emails mentioning the pandemic: If an email mentions the pandemic, whether it’s a supposed delivery notification or not, be extra diligent and pay attention to the warning signs.
  5. Use a spam filtering software: Make sure you’re using an enterprise-grade spam filtering software that will detect any sort of malicious activity and filter it before it hits your inbox.

Get in touch with us for assistance with staying safe against cybercrime during this difficult time.