Experts warn of deliveries scams that use a COVID-19 theme

Pierluigi Paganini April 28, 2020

Kaspersky experts uncovered a new wave of phishing scams that use a COVID-19 theme and impersonate shipping carriers, including FedEx, UPS, and DHL.

The COVID-19 outbreak is forcing people to work from home and make shopping online causing a consequent increase in the number of home deliveries. Crooks are attempting to exploit the crisis and are carrying out scams using COVID-19 delivery issues as a lure in the attempt to trick victims into visiting malicious links or open malicious attachments.

Kaspersky observed COVID-19-themed phishing scams that impersonate popular shipping carriers such as FedEx, UPS, and DHL.

One of the messages detected by Kaspersky impersonated DHL and informs the recipient that a package was being held due to the Coronavirus lockdown. The message urges the users to apply necessary corrections to the document in attachment. Upon opening the shipping document, the infection process will start and will install the Bsymem Trojan.

DHL COVID-19 phishing

Some of the emails used in the campaigns inform the victims of delivery delays, experts also noticed that the bottom of the message includes a statement that it was scanned by a mail security solution and that its content is secure.

Similar attacks employed messages that pretend to be from FedEx and inform users that a package is being held at the warehouse due to the COVID-19 lockdown. The emails urge the recipient to click on a malicious link to unlock the delivery and reschedule for pick up. Experts also discovered a similar campaign using UPS phishing scams.

“Spammers may pose as delivery service employees to persuade victims to open malicious e-mail attachments. The classic trick is to say that to receive a package that’s come in, the recipient must first read or confirm the information in an attached file.” reads the analysis published by Kaspersky.

“For example, a fake delivery notification e-mail in broken English says that a parcel cannot be delivered because of the pandemic, so the recipient needs to come to the warehouse and pick it up in person.”

Kaspersky experts also found phishing messages that pretend to be from UPS customer service and state that a package is being held for pick up due to the pandemic.

Kaspersky researchers recommend users to pay close attention to the wording and grammar of any emails they receive and to look carefully at the sender’s address.

Experts also urge to avoid opening attachments in e-mails from delivery services that urge the recipient to take action, in a similar way do not click on any embedded link. Install a reliable security solution that detects block phishing messages and access to phishing websites.

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – phishing, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment