Skip to main content
close search
site logo
Dive Brief

Fleeting fake delivery phishing campaign targets last-minute shoppers

Text messages disguised as urgent or failed delivery notifications can create tension between impersonated delivery service companies and legitimate customers.

Published Dec. 22, 2023
Matt Kapko's headshot
Senior Reporter
Santa Claus
iStock / Getty Images Plus via Getty Images

Dive Brief:

  • Procrastinating last-minute shoppers beware — cybercriminals are using the hurried holidays to target unsuspecting individuals with phishing scams on fake delivery sites, Group-IB warned Thursday.
  • Since the start of November, Group-IB said it’s detected a single campaign linked to 1,539 phishing sites impersonating postal operators and delivery service companies in 53 countries.
  • The cybersecurity company’s Computer Emergency Response Team observed 587 fake postal resources in the first 10 days of December, representing a 34% increase from the 10 days prior. 

Dive Insight:

Elevated levels of stress and shopping activity around the holiday season presents threat actors with an opportunity every year. Retailers anticipated surges in cyber activity ahead of the Thanksgiving holiday and Black Friday weekend too, and end-of-year cyber scaries are a common premonition among incident responders.

Phishing campaigns such as those detected by Group-IB this month can create tension between impersonated delivery service companies and their legitimate customers.

Text messages disguised as urgent or failed delivery notifications direct potential victims to phishing pages that mimic delivery companies’ legitimate URLs prompting individuals to share personal and payment information.

“The high volume of packages being shipped during the holiday season makes it easier for scammers to hide among legitimate delivery services,” Vladimir Kalugin, operations director of digital risk protection at Group-IB, said in a blog post.

“We recommend users verify sender details, search through official channels cautiously due to scammers’ mimicry, treat messages as alerts, independently access official websites, and be aware of the ongoing schemes,” Kalugin said.

Threat actors attempt to evade detection by limiting access to their phishing sites to potential victims located in the countries targeted. These fake sites also often go dark after a few days, making it difficult for researchers and law enforcement agencies to detect and investigate further, according to Group-IB.

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell