Watch out – scammers are impersonating DHL and DPD this Black Friday
>
Fake text messages impersonating well-known delivery companies have surged in recent weeks, with scammers expected to take full advantage of the upcoming Black Friday sales.
Cybersecurity company Proofpoint has reported a significant recent increase in SMS scams – known as ‘smishing’ – pretending to come from legitimate delivery companies, particularly DHL and DPD.
In the fourth quarter of 2020, Proofpoint found that fraudulent courier messages accounted for 16% of all smishing scams, while they accounted for 56% in the same period for 2021. Overall, the number of smishing attacks in the UK has increased by 105% in just one year, so this year’s Black Friday event could bring even more threats.
How it works
Smishing messages usually involve informing the victim that their ‘package’ cannot be delivered and the delivery must be rescheduled, or a package is being held and a fee must be paid to have it released.
The message contains a link that, when clicked, directs the victim to a phishing page – a fake version of the real delivery company’s website – where the cybercriminals can do harm, such as installing malware or asking victims for card details which they then steal.
Such scams can be quite effective, as people typically order a lot during Black Friday and the holiday season, not necessarily knowing which delivery company will be used. Delivery companies also often send legitimate short text messages to their customers, making it difficult to differentiate between the real thing and a scam.
However, a telltale sign is to look at the web link: as the image shows, they often contain strange characters or words and are not as simple as their legitimate counterparts, such as ‘[]’. There would be no reason for a legitimate website to have such characters.
It is not surprising that there are already a lot of scams in the run-up to Black Friday. Bitdefender discovered that the current phishing scams currently circulating include offers of discounts on designer items, fake gift cards for popular stores, and fake surveys promising the latest Android phones upon completion.