Dive Brief:
- Cybercriminals used the hurried holidays to target unsuspecting individuals with phishing scams on fake delivery sites, Group-IB warned Dec. 21.
- Since the start of November, Group-IB said it has detected a single campaign linked to 1,539 phishing sites impersonating postal operators and delivery service companies in 53 countries.
- The cybersecurity company’s computer emergency response team observed 587 fake postal resources in the first 10 days of December, representing a 34% increase from the 10 days prior.
Dive Insight:
Elevated levels of stress and shopping activity around the holiday season presents threat actors with an opportunity every year. Retailers anticipated surges in cyber activity ahead of the Thanksgiving holiday and Black Friday weekend too, and end-of-year cyber scaries are a common premonition among incident responders.
Phishing campaigns such as those detected by Group-IB in December can create tension between impersonated delivery service companies and their legitimate customers.
Text messages disguised as urgent or failed delivery notifications direct potential victims to phishing pages that mimic delivery companies’ legitimate URLs prompting individuals to share personal and payment information.
“The high volume of packages being shipped during the holiday season makes it easier for scammers to hide among legitimate delivery services,” Vladimir Kalugin, operations director of digital risk protection at Group-IB, said in a blog post.
“We recommend users verify sender details, search through official channels cautiously due to scammers’ mimicry, treat messages as alerts, independently access official websites, and be aware of the ongoing schemes,” Kalugin said.
Threat actors attempt to evade detection by limiting access to their phishing sites to potential victims located in the countries targeted. These fake sites also often go dark after a few days, making it difficult for researchers and law enforcement agencies to detect and investigate further, according to Group-IB.