Beware of online shopping delivery scams

Cybersecurity researchers are urging consumers to be on the lookout for delivery scams following Black Friday and Cyber Monday, and in the lead up to the holidays.

This comes after Mimecast’s threat hunting team detected malicious emails and spoofed web pages impersonating well-known delivery companies in South Africa.

Researchers from Mimecast have uncovered a number of widely used scams that aim to steal financial information from South Africans, under the guise of paying delivery fees for packages.

According to Brian Pinnock, cybersecurity expert at Mimecast, cybercriminals are capitalising on higher delivery volumes during the end-of-year shopping season by imitating trusted courier and delivery companies.

“Tens of thousands of emails are being sent to consumers in the hope that they will bite. Once they click on the link provided in the email, consumers are redirected to a web page where they are asked to pay a small fee for their package to be delivered. Once they enter their credit card details, they have handed their financial information over to the criminals.

“With so many presents being sent at this time of the year, it’s hard for the receiver to know whether the package has been sent by a loved one, so it’s an easy way to trick people. The fee is small, so they don’t mind making the payment.”

Two well-known delivery brands in South Africa have been impersonated in the campaign, with nearly 50 000 emails sent to unsuspecting consumers. Examples of the scams are attached, including screenshots of the emails and the fake web pages to which consumers are redirected.

This latest threat intel follows the discovery of another scam a couple of months ago, that imitated the brands of national postal services in at least 26 countries, including South Africa.

“The growing popularity of online shopping in South Africa and ongoing disruption from the pandemic is creating fertile ground for threat actors to subvert the brands of well-known delivery companies in the service of cybercrime,” says Pinnock. “Consumers should exercise extreme caution when clicking on links in emails, especially when some form of payment is being requested.

“Delivery companies should also take additional steps to protect customers, including the deployment of DMARC and brand exploit protection solutions that limit cybercriminals’ ability to imitate their brands.”