Delivery phishing scams are already on the rise ahead of Black Friday
The email domains of popular delivery companies in the UK are insufficiently protected against phishing, spoofing, and other forms of fraud, making them an ideal attack vector this Black Friday and the rest of the holiday season.
This is according to a new report from Tessian, which claims that things could get a lot worse than last year, due to various supply chain issues and poor security protocols.
According to the company, fraudsters could easily impersonate email domains of two-thirds (64%) of the top couriers. Of all the best global couriers, just a fifth (20%) have configured Domain-based Authentication, Reporting & Conformance (DMARC) to its strictest setting, allowing malicious actors to “directly impersonate” a courier’s domain.
Impersonating delivery companies to try and trick people into giving away valuable personal information, such as passwords, is nothing new. This year, a third (33%) of UK’s consumers have already received such a phishing email, but Tessian believes these figures will “soar” during Black Friday and Christmas.
This time last year, the company detected 90,000 phishing attacks, more than three times the amount recorded in the weeks leading up to Black Friday.
How to identify a phishing email
“Identifying the signs (of a phishing email) may not be as easy as you think if attackers are convincingly impersonating a delivery firm in their messages,” comments Tim Sadler, CEO for Tessian. “Therefore, it’s so important to question every message you receive and always think before you click.”
According to the experts, recipients should always be wary of typos and other spelling errors, as those are the first, and most common, red flag. Then, they should verify the sender’s identity, by making sure their name and email address match up, especially for consumers reading emails on a mobile device. Malicious actors will often spoof a brand name, hoping readers don’t take the time to inspect the email domain.
At the end of the day, most delivery companies and retailers have multiple communications channels open at all times. Consumers can do their due diligence by reaching out to the company directly, to confirm the authenticity of the message received.
You should also check out our list of the best security keys out there today
The email domains of popular delivery companies in the UK are insufficiently protected against phishing, spoofing, and other forms of fraud, making them an ideal attack vector this Black Friday and the rest of the holiday season. This is according to a new report from Tessian, which claims that things…
Recent Posts
- Python devs are being targeted by this massive infostealing malware campaign
- Seriously, just buy the LG C3 OLED already – it’s an absolute bargain
- Meta’s new opt-out setting limits visibility of politics on Instagram and Threads
- New Mint Mobile deal gets you a second line free when you switch
- Razer’s lightning-quick Huntsman V2 keyboard is down to its lowest price to date
Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011