Cyber Threat Summary:
With many shoppers rushing to order Christmas gifts, scammers are taking advantage of this opportunity by creating phishing sites impersonating delivery services. According to Group-IB, these fake delivery sites have surged by 34% in December alone, with the company identifying 587 sites designed to look like legitimate postal operators and delivery companies in the first 10 days of December. These sites are suspected to belong to a single campaign that has been impersonating brands in 53 countries. Since November 1539 fake delivery sites have been detected, most of which originate from Germany (18%), followed by Spain (13%), Poland (14%), and the UK (4%).

Security Officer Comments:
In the latest campaign, victims are sent a text message warning of an ‘urgent’ or ‘failed’ delivery. These text messages contain a link to the fake delivery sites, urging victims to leave behind their personal and payment details. Given that the sites are impersonating popular delivery services, victims might fall for the lure as they may have an incoming package from one of these operators already. What’s more, researchers state that the scammers are restricting access to these sites via geofencing and based on the type of device and operating system used. Furthermore, the actors are only keeping the sites live for a couple of days, making it difficult for security professionals and anti-scam solutions to detect them.

Suggested Correction(s):
With an increase in cybercriminals impersonating well-known brands and companies, users should be more careful when interacting with alerts or messages that come via SMS and emails. Also before entering payment and personal details online, verifying the authenticity of the site can be crucial in preventing actors from gaining access to this information.

Link(s):
https://www.infosecurity-magazine.com/news/fake-delivery-websites-surge-34/