4 min read

Post-Holiday Delivery Phishing Campaigns Seek to Infect Your Devices with Malware

Alina BÎZGĂ

February 03, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Post-Holiday Delivery Phishing Campaigns Seek to Infect Your Devices with Malware

Bitdefender Antispam Lab has observed a spike in phishing campaigns impersonating popular delivery services that seek to lure consumers into downloading malicious files on their devices.

Email-based attacks that exploit trusted delivery companies increased by 30% since January 10 to date, compared to the holiday season.

As usual, threat actors mimic well-known delivery services such as DHL, TNT, FedEx, and UPS, as they send out fake shipping notification emails that urge recipients to review or access attachments by confirming and verifying invoices or home addresses.

On January  18, 61% of all incoming correspondence appearing to come from DHL was marked as spam. Overall, nearly 30% of all spam received relating to the delivery service was either a phishing attempt or had malicious attachments.

Most messages include company logos, fake tracking numbers, or invoices that add credibility to their deceit. They claim that your parcel delivery is pending, and use various excuses to compel you into accessing the attachment, such as an incorrect delivery address, COVID-19 safety rules, or the claim that you were unreachable at the provided address.

The ongoing phishing campaigns prey on the recipient’s curiosity regardless of whether they are expecting a package or not. A user’s carelessness can be fatal in mere seconds, as he only needs to access the attachment to get infected. Ransomware attacks are still going strong, as they have proven to be a highly profitable business for threat actors seeking to make easy money.

Besides ransomware, attachments also include remote access Trojans. Once executed, they will allow the attackers to control the user’s system, harvest credentials, or deploy other forms of malware on infected devices.

Remember, nothing’s personal. Each recipient is just another number in the victim pool that may or may not fall to their gimmick.

Delivery phishing emails to look out for

Impersonating DHL delivery services is a fan-favorite among threat actors. Bitdefender Antispam Lab has picked up three versions of DHL phishing emails exhibiting different particularities and diversions to entice recipients into accessing a malicious attachment or link.

Sample 1. DHL phishing email

Sample 2. DHL phishing email

Sample 3. DHL phishing email

Emails pretending to come from FedEx express, courier, and delivery service lack a sense of effort, keeping most messages short and simple. This tactic is, of course, deliberate, ensuring that the recipient will be tempted to access the attachments to receive additional information.

Sample 4. FedEx phishing email

In one version of the scheme, a FedEx representative alerts recipients that due to strict COVID-19 safety rules, they must personally visit their local delivery office and bring the printed version of the attached AWB to pick up the package.

Sample 5. FedEx phishing email

UPS and TNT phishing emails were also spotted. Emails with the subject lines <<Shipment Arrival Notification Consignment>> contain links and attachments that, once accessed, will infect their devices with malware and credential-stealing Trojans. Other emails may refer to a specific shipment, providing the customer with a fake tracking number.

Sample 6. TNT phishing email

Sample 7. UPS phishing email

How to protect against delivery phishing scams

The frenzy surrounding holiday season shopping may have ended, but citizens are still conducting most of their shopping online. Therefore, it’s not surprising that cybercriminals continue to recycle old ruses or develop new means for duping the population.

To help protect against delivery phishing attacks, users can follow a simple set of rules:

  • Be suspicious of unexpected messages from popular delivery companies
  • Check the sender’s address for any slightly altered domain addresses
  • Never provide personal information or payment via online forms or links
  • Never follow the links provided in the email, but visit the shipping company page directly and look for official contact information to enquire about the correspondence or package delivery details
  • Check for spelling mistakes and grammatical errors even if the email looks legitimate

Install a security solution on your device to safeguard your private data against new and existing threats

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read