PhishMe Warns of Fake Delivery Scams Currently Circulating
PhishMe Inc., the leading provider of phishing threat management solutions, today warned UK consumers to be wary of fake delivery notifications arriving into email inboxes. Fuelled by Black Friday, Cyber Monday and Manic Monday, online spending in the UK has seen unprecedented highs and that’s what scammers are banking on. Consumers are expecting messages from retailers, and the delivery companies used to ship ordered goods, so guards are lowered making them susceptible to phishing messages laden with malware. With many shopping from office computers, businesses could also find themselves infected too.
Aaron Higbee, CTO at PhishMe, explains, “Every December we see two perennial themes utilised by threat actors taking advantage of consumers’ desire to save money during the festive shopping season, and the anticipation of an order or gift’s upcoming delivery, and this year is no exception. We’ve identified a ‘UK Mail’ phishing campaign that purported notification refers to a failed attempt to deliver a package. The message informed its victims that they must open the attached file to print information that can be used to retrieve the supposed package from a local post office. However, by opening the attached document, and engaging with the embedded macro, the victim instead infected their machine with the Dridex financial crime trojan.”
Other examples of hostile shipping information emails claim to inform recipients about tracking or confirmation data. One such example refers to a DHL shipment implied to be en route to the email recipient. Attached to the message is a .zip archive that instead contains an executable used to place a keylogger malware on victims’ machines.
Prime examples of the consumer discount narrative have also been identified circulating. In the United States, one identified campaign claimed to deliver a coupon for a Black Friday LogMeIn discount, but instead delivered the Neverquest financial crimes Trojan – a malware also known as Vawtrak.
Aaron concludes, “Threat actors attempt to leverage in any way the festive shopping and shipping season to further their criminal agendas. This is clear and evident in the phishing email narratives employed during the Christmas season as a means for delivering malicious software. However, through education and application of threat intelligence, it is possible to both train people how to avoid falling for these phishing lures as well as bolster an organisation’s ability to effectively respond to relevant threats.”