Are you a new user?

print   email   Share

Shipping Notification Scams Are On The Rise: What Are The Red Flags?

Trend Micro Incorporated recently found that COVID-19 related malware and spam are increasing around the world. The types of attacks they uncovered include email spam, business email compromise, malware, ransomware, and malicious domains.

Spam was the most common risk identified, comprising 65.7 percent of enterprise attacks. Spam related to COVID-19 increased 220-fold from February to March 2020. Cybercriminals frequently targeted businesses with fraudulent shipping notifications and Ministry of Health announcements.

Another type of cybercrime is the illegal sale of toilet paper, N95 masks, ventilators, and other in-demand items.

According to Trend Micro's director, organizations have become more vulnerable to cyberattacks because they had to adapt quickly with new technology and processes to the large number of employees working remotely during the COVID-19 pandemic.

Cybercriminals have long used current events to create social engineering scams. However, COVID-19 cyberattacks have become particularly popular to exploit anxiety about the disease and current lax cybersecurity. Amy Sarcevic "COVID-19 related malware and spam on the rise" technologydecisions.com.au (May 13, 2020).



A common type of cybercrime is shipping notification scams. This type of spam is becoming even more frequent as cybercriminals take advantage of an environment in which many people are making a large number of purchases online.

Cybercriminals will send emails claiming to be from FedEx, UPS, the U.S. Postal Service, or another organization shipping merchandise. The email may claim that the recipient needs to verify certain information in order to receive a delivery. Or, the email may say that your shipment has been delayed and you must fill out a document to ensure that it arrives on time.

The email may direct the victim to download an attachment in order to confirm delivery or receive prompt delivery. In reality, the attachment contains malware.

Other spam shipping notification emails will direct their victim to click on a link that takes him or her to a spoofed website that asks for personal information. The website looks almost exactly like the website of a real shipping service provider.

Cybercriminals are incredibly skilled at creating fraudulent websites that look authentic and convincing their victims to open attachments. In order to avoid falling prey to the large number of shipping notification scams circulating, you must not let concerns over COVID-19 related shipping delays cloud your judgement.

Always assume that a shipping notification email that asks you to click on a link to a website or download an attachment is a fraudulent. Doing so could lead to a malware infection or identity theft.

If you want to check on an item you have ordered, go to the retailer’s official website by typing the address into your browser. If you have drastically increased your online purchasing to the point that you can’t remember what you’ve ordered and are tempted to click on shipping notification emails, start keeping a list of all items ordered. Include the expected delivery date and the website for tracking so that you can easily check them off when they arrive and know where you need to go if a shipment is late.

Finally, your opinion is important to us. Please complete the opinion survey: