The COVID-19 worldwide lockdown has had many side effects, not the least of which is that people are doing even more online shopping now. Weekly online purchases now include staples like food and cleaning products. Amazon’s sales since the pandemic arrived is up 35%. And what’s the one thing all these online sales have in common? A delivery service has to bring them to your door.
It was only a matter of time before scammers seized on the delivery services as a way to launch their phishing attacks. And that’s precisely what has happened.
According to Tech Republic, “Cybercriminals are leveraging overwhelmed delivery services to further phishing schemes.” Consumers are used to receiving emails from ecommerce companies, including shipping status emails. So, it’s not a big leap for hackers to use those emails to launch a phishing attack.
From the article, “Cybercriminals are using a number of different attack styles centered around package delivery. Some are sending emails purporting to be from delivery services that contain malicious attachments, pushing recipients to open them either for more information on their package or for addresses to places where packages can be picked up.”
Which delivery firms have been targeted? How about all of them. “More sophisticated phishing emails even contain images to make them seem like they have come from DHL, UPS and FedEx. Cybercriminals are even upping the ante further by creating spoofed package tracking websites that look like DHL, FedEx and UPS as a way to steal account information.”
It is human nature to be curious about the status of your package delivery. And that’s what hackers count on to get you to let your guard down and click on the link. It’s human nature, and the only reliable way to counteract human nature, in an effort to protect yourself from phishing emails, is with technology. Technology that’s only curious about whether the embedded link points to a phishing website. Technology like that available from DuoCircle.
Phishing Protection from DuoCircle conducts real-time link click analysis to make sure no matter who you think the email is from, none of the links in the email point to a phishing website. And if they do, Phishing Protection keeps that email out of your inbox where it can’t do any damage.
Since Phishing Protection is cloud-based, it requires no hardware, software or maintenance. It sets up in 10 minutes, works with all major email providers and costs only pennies per user per month. If you’re going to be ordering online during the pandemic, and you can’t control your curiosity, you may as well compensate for it by deploying Phishing Protection from DuoCircle.