The Holiday season is almost in full swing – and we are all expecting something nice. With the increase of online shopping and subsequent deliveries, cybercriminals have gotten quite adept at creating fake delivery phishing scams. These delivery-phishing messages have been on the rise in the past few years. They are widespread and common in all languages.
There is a good reason to be on the guard when getting delivery messages via email or text messages. To raise awareness of this issue AwareGO teamed up with the Icelandic Post for create an awareness video on online delivery phishing scams. It demonstrates how the cyber-Grinches try to steal the holiday cheer with fake delivery notifications.
The Language of Phishing Scams
Why collaborate with Iceland Post? Well, even though we work globally AwareGO is at its roots and Icelandic company.
Iceland is a small island in the middle of the Atlantic Ocean. Only around 370,000 people speak Icelandic, a complex and very rare language. Despite this fact it isn’t too small or obscure for cybercriminals. Every year thousands of delivery phishing scams are sent to Icelanders in the name of Iceland Post and other delivery services. Nations with globally spoken languages and millions of people must therefore be an even more desirable target. If Icelanders with their obscure language aren’t safe from cyber attacks and phishing scams, we can assume that no one is. You can never assume that your language is a barrier for hackers.
Delivery phishing scams are becoming more elaborate than ever before. They are often very exact clones of official delivery and shipping messages. One of the unintended consequences of better machine translation is that cybercriminals can now target even larger geographic areas with accurate text messages!
How To Avoid Falling For Delivery Phishing Scams
To avoid falling for delivery phishing scams – there are few things that you should keep in mind:
- An official delivery service will only use their official domain for any sort of communication. They will never use a link-shortening service such as tiny-url or bit.ly to lead you to their website.:
a) Check if the email has the correct domain: noreply@localdeliveryservice.com (correct) vs. noreply@localdeliveryservice123.com (wrong)
b) Hover over links with your mouse to reveal where they lead. Make sure they have the correct domain: localdeliveryservice.com (correct) vs. localdeliveryservice123.com (wrong)
- Instead of clicking the link in the email, type the correct domain of the delivery service into your browser. On the official site, check the tracking number if one has been provided. If they have no record of the package the email is a scam. Delivery emails that don’t provide a tracking number are likely also scams.
- Sense of urgency is often an indicator of phishing. Messages that create a sense of urgency – act now or the holidays are ruined – are a common sign of phishing.
- If you’re expecting a package, follow the tracking via the official tracking service of your delivery service. That way you know when they’re coming, and are not easily fooled by delivery phishing scams.
Every year hundreds of millions are stolen from the general public due to phishing scams. Make sure to stay safe. Stop – Think – and Double check whether things are looking good and fine before acting on something. There is no reason to let the cyber-Grinches of the world steal your holiday cheer!
Happy Cyber-Secure Holidays from the AwareGO Team!
Get the only holistic human-centric cybersecurity solution for your organization. Train and assess your employees with AwareGO.