With surge in online orders fake delivery men come calling
Kaspersky researchers recently discovered a series of spam and phishing attacks seeking to exploit the coronavirus pandemic by targeting people who are waiting on package deliveries.
These scammers often pose as delivery service employees from major 3rd Party Logistics companies saying that a package has arrived, but, to receive it, the potential victim must read or confirm the information in the attached file.
Once the victim opens the attachment, however, malware is downloaded on their computer or phone.
The malware opens up a backdoor called Remcos onto the device. This malware can turn the PC or phone into a bot, steal data, or download additional malware.
Phishers have also been creating highly believable copies of webpages for popular delivery services as a way to hunt for credentials.
Potential victims are encouraged to input their details—such as their email and password—into the website in order to track their packages.
Tatyana Shcherbakova, senior web content analyst said: "With people regularly receiving notifications about delivery delays or item shortages and without the option to purchase needed items in stores, these types of scams have a high chance of success.
"Even though everyone is anxious to receive their orders, it’s important to always carefully assess where these emails are coming from and make sure the webpage address is correct.”
Kaspersky experts recommend looking carefully at the sender’s address, paying attention to the text, and not opening any attachments. Better to go to the official website of the logistics company for all information.