Phishing scam spreading as fake package delivery notices | Komando.com
Phishing scam spreading as fake package delivery notices
By Ariyanna Norman, Komando.com
Holiday cheer isn't the only thing spreading this time of year. Phishing scams are also on the rise. These scams are especially successful in November and December because we do so much online shopping for gifts.
When you order a package, it's not uncommon to receive emails from the sender about the status of the delivery. And, usually, those emails are the first ones you open. Especially, if you can't wait for the arrival of your package.
But what if you saw an email in your inbox that said there were problems with your delivery? Right now, scammers are assuming what your natural reaction will be, and hoping you'll click anything to find out what's delaying things.
Note: This isn't the only tactic scammers use to fool you. They misspell theURLs of our favorite retailer sites to lure us to phishing sites. They also send fake Amazon and Paypal emails to get our account information.
If you see an email claiming that your package can't be delivered, double check the sender's credentials before you click any links in the message or open any attachments. Does the email mention you by name? Does it include your actual order number?
Scammers will use an address similar to the company's name and even company logos to fool you. The delivery services have caught on to these scams and they want you to report them. FedEx has examples of fraud emails on their site and UPS has an entire PDF file of fraudulent email examples. If you see any emails in your inbox with these subject lines, proceed with caution:
We could not deliver your parcel, #00556030
Please Confirm Your DHL Shipment
Problems with item delivery, n.000834069
Delivery Receipt | Confirm Awb no:XXX830169
Your order is ready to be delivered
Courier was unable to deliver the parcel, ID00990381
Your DHL isher please download attachment to view detail and confirmation of your address
What happens if you fall for it?
If you're tricked by these email scams, there are a few different, undesirable scenarios. The link could take you to a phishing site that requests your account information (logins and credit card details). This site will look very similar to the legitimate site you intended to reach.
The other possible result is that attachments or malicious links could be hiding malware. If you click and accidentally install this malicious software, your device could be infected with software that spies on you, or you could even be hit by ransomware.
Avoiding this phishing scam:
When in doubt, go to the delivery service's site and log in to your account. Any information about shipping issues should be there. You can also find the company's customer service line and ask for clarification. If the representative gives you information contrary to the fake email, you can report the scam while you're on the phone.
You should also follow these general tips to avoid phishing scams of all sorts:
Be cautious with links - If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
Double check the URL spelling - When typing a URL into your browser, take the time to verify you're spelling it correctly. With typosquatting, misspelling a URL could lead to a phishing scam.
Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Before clicking on a link, hover over it and check for spelling. The safest move is to type the URL into your browser, with the correct spelling of course.
Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
Have strong security software - Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.
Still not sure if you can spot a phishing scam? Take our phishing IQ test to learn the signs of a fake email.
Phishing scam spreading as fake package delivery notices
By Ariyanna Norman, Komando.com
Holiday cheer isn't the only thing spreading this time of year. Phishing scams are also on the rise. These scams are especially successful in November and December because we do so much online shopping for gifts.
When you order a package, it's not uncommon to receive emails from the sender about the status of the delivery. And, usually, those emails are the first ones you open. Especially, if you can't wait for the arrival of your package.
But what if you saw an email in your inbox that said there were problems with your delivery? Right now, scammers are assuming what your natural reaction will be, and hoping you'll click anything to find out what's delaying things.
Note: This isn't the only tactic scammers use to fool you. They misspell theURLs of our favorite retailer sites to lure us to phishing sites. They also send fake Amazon and Paypal emails to get our account information.
If you see an email claiming that your package can't be delivered, double check the sender's credentials before you click any links in the message or open any attachments. Does the email mention you by name? Does it include your actual order number?
Scammers will use an address similar to the company's name and even company logos to fool you. The delivery services have caught on to these scams and they want you to report them. FedEx has examples of fraud emails on their site and UPS has an entire PDF file of fraudulent email examples. If you see any emails in your inbox with these subject lines, proceed with caution:
We could not deliver your parcel, #00556030
Please Confirm Your DHL Shipment
Problems with item delivery, n.000834069
Delivery Receipt | Confirm Awb no:XXX830169
Your order is ready to be delivered
Courier was unable to deliver the parcel, ID00990381
Your DHL isher please download attachment to view detail and confirmation of your address
What happens if you fall for it?
If you're tricked by these email scams, there are a few different, undesirable scenarios. The link could take you to a phishing site that requests your account information (logins and credit card details). This site will look very similar to the legitimate site you intended to reach.
The other possible result is that attachments or malicious links could be hiding malware. If you click and accidentally install this malicious software, your device could be infected with software that spies on you, or you could even be hit by ransomware.
Avoiding this phishing scam:
When in doubt, go to the delivery service's site and log in to your account. Any information about shipping issues should be there. You can also find the company's customer service line and ask for clarification. If the representative gives you information contrary to the fake email, you can report the scam while you're on the phone.
You should also follow these general tips to avoid phishing scams of all sorts:
Be cautious with links - If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
Double check the URL spelling - When typing a URL into your browser, take the time to verify you're spelling it correctly. With typosquatting, misspelling a URL could lead to a phishing scam.
Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Before clicking on a link, hover over it and check for spelling. The safest move is to type the URL into your browser, with the correct spelling of course.
Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
Have strong security software - Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.
Still not sure if you can spot a phishing scam? Take our phishing IQ test to learn the signs of a fake email.