2 min read

Why you should scrutinize shipping confirmation emails this holiday season

Alina BÎZGĂ

November 25, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Why you should scrutinize shipping confirmation emails this holiday season

Consumers are not the only ones counting down the days till Black Friday and Cyber Monday sales this year. Cybercriminals are looking forward to them too, and plan to use this opportunity to trick unsuspecting shoppers into compromising their devices and data.

In this article, we’ll focus on a classic example of phishing related to the holiday shopping season - fake shipping confirmation orders and how they put your security at risk.

What to expect

Cybercriminals know you’ll be distracted and they’ll try to fool you into accessing a malicious attachment or clicking on a link to steal your login credentials.

Picture this: you get an email from an online retailer such as Amazon confirming a purchase. But the message does describe any product you’ve recently ordered, so you investigate. Mistakes can happen, and it’s probably not the first time a retail store or business sent you the wrong product, right?

Use extreme caution when dealing with unsolicited shipping confirmation orders during the holiday season:

  • If you don’t recognize the order or recall purchasing any products from the brand, the message could be fraudulent. Accessing the link could take you to a cloned login page of the retailer where you are asked to enter your username and password. Instead of logging in to the official webpage, you’ll end up sending your credentials to scammers.
  • Fake order confirmations are also used to distribute malware disguised as fake invoice (PDFs or Word documents) attachments. Upon access, you could end up deploying malicious software including spyware, password-stealing Trojans and ransomware on your devices.

What you should do

If you receive an email or text message from an online retailer referencing a store order you don’t remember making, don’t click on embedded links or attachments, even if you think it might be legitimate.

Open your browser and visit the online store to check for messages or status regarding your purchases. You can also inspect the sender’s email address and hover over links to see where they take you.

When in doubt, contact the merchant directly via official channels and report any suspicious activity.

We all get a bit busier during the holiday season, and cybersecurity is probably the last thing on your mind while you prepare your famous turkey stuffing or scour the web for a great deal. Don’t let cyberthieves catch you off guard!

Bitdefender Total Security offers multi-layered ransomware protection, anti-phishing and anti-fraud mechanisms alongside a dedicated password manager and VPN to get full protection on your Windows and macOS devices. Get your extended 90-day free trial today to stop worrying about phishing and malicious attacks coming your way.

Safe Shopping!

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Flaw allowed man to access private information of other Brinks Home Security customers Flaw allowed man to access private information of other Brinks Home Security customers
Graham CLULEY

November 30, 2022

2 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
Alina BÎZGĂ

November 29, 2022

2 min read
Hackers Steal Crime Files in Attack on Belgian Police Station, Then Demand Ransom Hackers Steal Crime Files in Attack on Belgian Police Station, Then Demand Ransom
Filip TRUȚĂ

November 28, 2022

2 min read