Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 22 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Festive Parcel Confirmations Being Hijacked by Scammers

by The Gurus
December 4, 2018
in Scam Of The Week
Share on FacebookShare on Twitter

PhishMe Warns of Fake Delivery Scams Currently Circulating
PhishMe Inc., the leading provider of phishing threat management solutions, today warned UK consumers to be wary of fake delivery notifications arriving into email inboxes. Fuelled by Black Friday, Cyber Monday and Manic Monday, online spending in the UK has seen unprecedented highs and that’s what scammers are banking on. Consumers are expecting messages from retailers, and the delivery companies used to ship ordered goods, so guards are lowered making them susceptible to phishing messages laden with malware. With many shopping from office computers, businesses could also find themselves infected too.
Aaron Higbee, CTO at PhishMe, explains, “Every December we see two perennial themes utilised by threat actors taking advantage of consumers’ desire to save money during the festive shopping season, and the anticipation of an order or gift’s upcoming delivery, and this year is no exception. We’ve identified a ‘UK Mail’ phishing campaign that purported notification refers to a failed attempt to deliver a package. The message informed its victims that they must open the attached file to print information that can be used to retrieve the supposed package from a local post office. However, by opening the attached document, and engaging with the embedded macro, the victim instead infected their machine with the Dridex financial crime trojan.”
Other examples of hostile shipping information emails claim to inform recipients about tracking or confirmation data. One such example refers to a DHL shipment implied to be en route to the email recipient. Attached to the message is a .zip archive that instead contains an executable used to place a keylogger malware on victims’ machines.
Prime examples of the consumer discount narrative have also been identified circulating. In the United States, one identified campaign claimed to deliver a coupon for a Black Friday LogMeIn discount, but instead delivered the Neverquest financial crimes Trojan – a malware also known as Vawtrak.
Aaron concludes, “Threat actors attempt to leverage in any way the festive shopping and shipping season to further their criminal agendas. This is clear and evident in the phishing email narratives employed during the Christmas season as a means for delivering malicious software. However, through education and application of threat intelligence, it is possible to both train people how to avoid falling for these phishing lures as well as bolster an organisation’s ability to effectively respond to relevant threats.”

FacebookTweetLinkedIn
Tags: . delivery notification.zipaaron higbeeApplicationBlack FridayChristmasConconsumercriminalCyber Criminalscyber moneycybersecuritydatadhldridexemailfedexfestive shopping seasonHackerhigbeehostileinboxinfosecKeyloggerlinkmanic mondaymessagemoneypersonal dataphisherPhishingphishing emailPhishMeprivacyScamscammerThreat Intelligenceuk mail
ShareTweetShare
Previous Post

Easy Pickings for Phishers – How Susceptible are Workers to Scam e-mails?

Next Post

Data Protection Reform: Are You Preparing for a Fresh Perspective?

Recent News

Ferrari Data Breach: The Industry has its say

Ferrari Data Breach: The Industry has its say

March 22, 2023
security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023
Organisational Cybersecurity.jpg

How Emerging Trends in Virtual Reality Impact Cybersecurity

March 21, 2023
Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information