Holiday cheer isn’t the only thing spreading this time of year. Phishing scams are also on the rise. These scams are especially successful in November and December because we do so much online shopping for gifts.
When you order a package, it’s not uncommon to receive emails from the sender about the status of the delivery. And, usually, those emails are the first ones you open. Especially, if you can’t wait for the arrival of your package.
But what if you saw an email in your inbox that said there were problems with your delivery? Right now, scammers are assuming what your natural reaction will be, and hoping you’ll click anything to find out what’s delaying things.
If you see an email claiming that your package can’t be delivered, double check the sender’s credentials before you click any links in the message or open any attachments. Does the email mention you by name? Does it include your actual order number?
Scammers will use an address similar to the company’s name and even company logos to fool you. The delivery services have caught on to these scams and they want you to report them. FedEx has examples of fraud emails on their site and UPS has an entire PDF file of fraudulent email examples. If you see any emails in your inbox with these subject lines, proceed with caution:
- We could not deliver your parcel, #00556030
- Please Confirm Your DHL Shipment
- Problems with item delivery, n.000834069
- Delivery Receipt | Confirm Awb no:XXX830169
- Your order is ready to be delivered
- Courier was unable to deliver the parcel, ID00990381
- Your DHL isher please download attachment to view detail and confirmation of your address
What happens if you fall for it?
If you’re tricked by these phishing email scams, there are a few different, undesirable scenarios. The link could take you to a spoofed site that requests your account information (logins and credit card details). This site will look very similar to the legitimate site you intended to reach.
The other possible result is that attachments or malicious links could be hiding malware. If you click and accidentally install this malicious software, your device could be infected with software that spies on you, or you could even be hit by ransomware.
Avoiding this phishing scam:
When in doubt, go to the delivery service’s site and log in to your account. Any information about shipping issues should be there. You can also find the company’s customer service line and ask for clarification. If the representative gives you information contrary to the fake email, you can report the scam while you’re on the phone.
You should also follow these general tips to avoid phishing scams of all sorts:
- Be cautious with links – If you get an email or notification from a site that you find suspicious, don’t click on its links. It’s better to type the website’s address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn’t what the link claims, do not click on it.
- Double check the URL spelling – When typing a URL into your browser, take the time to verify you’re spelling it correctly. With typosquatting, misspelling a URL could lead to a phishing scam.
- Watch for typos – Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Before clicking on a link, hover over it and check for spelling. The safest move is to type the URL into your browser, with the correct spelling of course.
- Use multi-level authentication – When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts. Click here to learn how to set it up.
- Have strong security software – Having strong protection on your family’s gadgets is very important. The best defense against digital threats is strong security software.
Still not sure if you can spot a phishing scam? Take our phishing IQ test to learn the signs of a fake email.
From webcams, sign-ins, to Alexa, don’t make these mistakes
When our PCs work normally, we sometimes take them for granted. We recklessly fill up our hard drives with data, download files, install applications and browse the web as we please. But of course, all it takes is one installation of a malicious application to ruin your PC and worse, have all your information stolen.