Festive Parcel Confirmations Being Hijacked by Scammers

By   ISBuzz Team
Writer , Information Security Buzz | Dec 22, 2015 09:00 pm PST

PhishMe Warns of Fake Delivery Scams Currently Circulating

PhishMe Inc., the leading provider of phishing threat management solutions, today warned UK consumers to be wary of fake delivery notifications arriving into email inboxes. Fuelled by Black Friday, Cyber Monday and Manic Monday, online spending in the UK has seen unprecedented highs and that’s what scammers are banking on. Consumers are expecting messages from retailers, and the delivery companies used to ship ordered goods, so guards are lowered making them susceptible to phishing messages laden with malware. With many shopping from office computers, businesses could also find themselves infected too.

[su_note note_color=”#ffffcc” text_color=”#00000″]Aaron Higbee, CTO at PhishMe :

“Every December we see two perennial themes utilised by threat actors taking advantage of consumers’ desire to save money during the festive shopping season, and the anticipation of an order or gift’s upcoming delivery, and this year is no exception. We’ve identified a ‘UK Mail’ phishing campaign that purported notification refers to a failed attempt to deliver a package. The message informed its victims that they must open the attached file to print information that can be used to retrieve the supposed package from a local post office. However, by opening the attached document, and engaging with the embedded macro, the victim instead infected their machine with the Dridex financial crime trojan.

Other examples of hostile shipping information emails claim to inform recipients about tracking or confirmation data. One such example refers to a DHL shipment implied to be en route to the email recipient. Attached to the message is a .zip archive that instead contains an executable used to place a keylogger malware on victims’ machines.

Prime examples of the consumer discount narrative have also been identified circulating. In the United States, one identified campaign claimed to deliver a coupon for a Black Friday LogMeIn discount, but instead delivered the Neverquest financial crimes Trojan – a malware also known as Vawtrak.

Aaron concludes, “Threat actors attempt to leverage in any way the festive shopping and shipping season to further their criminal agendas. This is clear and evident in the phishing email narratives employed during the Christmas season as a means for delivering malicious software. However, through education and application of threat intelligence, it is possible to both train people how to avoid falling for these phishing lures as well as bolster an organisation’s ability to effectively respond to relevant threats.”[/su_note]

[su_box title=”About PhishMe” style=”noise” box_color=”#336588″]PhishMePhishMe® is the leading provider of threat management for organisations concerned about human susceptibility to advanced targeted attacks. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.[/su_box]

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x