Security News > 2020 > May > Fake FedEx, DHL, and UPS delivery issues used in COVID-19 phishing scams
A new report from Kaspersky found that cybercriminals are using the increase in delivery demand to push convincing phishing emails into thousands of inboxes.
"The spikes in demand are causing in-transit times to stretch out. As a result, customers are getting used to receiving apologetic messages from couriers linking to updated shipping statuses. Recently, we have observed a number of fake sites and emails supposedly from delivery services exploiting the coronavirus topic," Kaspersky Lab anti-spam analyst Tatyana Shcherbakova wrote in a blog post.
More sophisticated phishing emails even contain images to make them seem like they have come from DHL, UPS and FedEx.
James McQuiggan, security awareness advocate at KnowBe4, said it was becoming common for phishing scams to use a delivery shipment as the subject of the email, knowing end users are curious about the package or expecting a delivery.
"Our human nature sparks our curiosity of wanting to know about that delivery. With these delivery phishing scams, it's crucial not to rely on the link in the email. It's a lot more reliable to copy the shipping or tracking number from the email and post it on the actual website, as the tracking information will be located on the home page in most cases," McQuiggan said.