Malicious actors are doing everything possible to exploit the spending spree that characterizes this period, starting from November and going into the Christmas holiday season. It is estimated that consumers in the United States alone have spent $21.7 billion in online shopping during the first ten days of November, and the momentum continues.
Since all of the products bought online are shipped, and crooks are looking to exploit precisely that.
According to a report by CheckPoint researchers, there has been an explosion in the volume of shipping-related phishing emails in November. In numbers, we see a 440% increase, with Europe topping the list, and North America and APAC following right after.
In most cases, the phishing actors are mimicking DHL, while Amazon and FedEx are also impersonated heavily.
So, the actors are sending messages to random individuals informing them of a “delivery issue.” In many cases, they just send an email that supposedly contains a shipment tracking URL. Since there are a large number of clients actually waiting for packages right now, the actors have high rates of success in convincing the people to click on embedded buttons and links.
From there, the victims are taken to all kinds of malicious websites, from straight-out phishing forms that ask the visitors to enter their details, supposedly to help deliver the package to the right place this time, to malware-dropping web pages.
As always, there’s a number of ways you can protect yourself from these tricks, so here we go: