Cybersecurity blog Cybersecurity blog
Delivery Phishing Scams: Don’t Let Anyone Steal Your Holiday Cheer!
Facebook Twitter LinkedIn

Delivery Phishing Scams: Don’t Let Anyone Steal Your Holiday Cheer!

Sindri Bergmann
4 min read ∙ Dec 3, 2021
Check out AwareGO’s YouTube channel for more Holiday cyber awareness videos.

The Holiday season is almost in full swing – and we are all expecting something nice. With the increase of online shopping and subsequent deliveries, cybercriminals have gotten quite adept at creating fake delivery phishing scams. These delivery-phishing messages have been on the rise in the past few years. They are widespread and common in all languages.

There is a good reason to be on the guard when getting delivery messages via email or text messages. To raise awareness of this issue AwareGO teamed up with the Icelandic Post for create an awareness video on online delivery phishing scams. It demonstrates how the cyber-Grinches try to steal the holiday cheer with fake delivery notifications.

The Language of Phishing Scams

Why collaborate with Iceland Post? Well, even though we work globally AwareGO is at its roots and Icelandic company.

Iceland is a small island in the middle of the Atlantic Ocean. Only around 370,000 people speak Icelandic, a complex and very rare language. Despite this fact it isn’t too small or obscure for cybercriminals. Every year thousands of delivery phishing scams are sent to Icelanders in the name of Iceland Post and other delivery services. Nations with globally spoken languages and millions of people must therefore be an even more desirable target. If Icelanders with their obscure language aren’t safe from cyber attacks and phishing scams, we can assume that no one is. You can never assume that your language is a barrier for hackers.

Delivery phishing scam email from Iceland Post as seen on a tabled held by a man. Text in email says package will be sent back if recipient does not fill out form on website. Candles are visible in the background.

Delivery phishing scams are becoming more elaborate than ever before. They are often very exact clones of official delivery and shipping messages. One of the unintended consequences of better machine translation is that cybercriminals can now target even larger geographic areas with accurate text messages! 

How To Avoid Falling For Delivery Phishing Scams

To avoid falling for delivery phishing scams – there are few things that you should keep in mind:

  • An official delivery service will only use their official domain for any sort of communication. They will never use a link-shortening service such as tiny-url or to lead you to their website.:
    a) Check if the email has the correct domain: (correct) vs. (wrong)
    b) Hover over links with your mouse to reveal where they lead. Make sure they have the correct domain: (correct) vs. (wrong)
Click the sender’s address and hover over links before you react.
  1. Instead of clicking the link in the email, type the correct domain of the delivery service into your browser. On the official site, check the tracking number if one has been provided. If they have no record of the package the email is a scam. Delivery emails that don’t provide a tracking number are likely also scams. 
  2. Sense of urgency is often an indicator of phishing. Messages that create a sense of urgency – act now or the holidays are ruined – are a common sign of phishing.
  3. If you’re expecting a package, follow the tracking via the official tracking service of your delivery service. That way you know when they’re coming, and are not easily fooled by delivery phishing scams.
Woman and man stand by their open front door in Reykjavik, having received identical deliveries in brown wrapping. Still from video about delivery phishing scams.
Delivery phishing scams have no effect on real deliveries.

Every year hundreds of millions are stolen from the general public due to phishing scams. Make sure to stay safe. StopThink – and Double check whether things are looking good and fine before acting on something. There is no reason to let the cyber-Grinches of the world steal your holiday cheer!

Happy Cyber-Secure Holidays from the AwareGO Team!

Try AwareGO’s security awareness training videos and platform for free

Get the only holistic human-centric cybersecurity solution for your organization. Train and assess your employees with AwareGO.

Sindri Bergmann
4 min read ∙ Dec 3, 2021

Become cyber secure

You and your employees are going to love AwareGO. It’s a modern, cloud-based system for managing human risk, from assessment to remediation. We’ve made it super easy — schedule your first assessment or training in minutes.

Get started for free and give it a go right now.

You’ll love the way AwareGO can fit into your existing infrastructure. Our robust APIs, widgets, and content available in SCORM format make sure that the integration is seamless. We also integrate with Active Directory, Google Workspace, and popular tools like Slack and Teams.

Contact us and our experts will recommend the best way to integrate.

Upgrade your cybersecurity business by adding human risk management to your existing portfolio of services. Increase your deal size by leveraging Human Risk Assessment or offering Security Awareness Training to your current customers and creating a new revenue stream.

Contact us to become an AwareGO partner, and we will support you every step of the way.

Join top companies worldwide in the mission to make workplaces cyber-safe

Get started free
blank blank blank blank blank blank blank blank blank blank