Shipping Today! Cybercriminals at Your Doorstep

Cybersecurity is a real issue for small and large businesses alike. Just like financial and retail and hospitality firms, shipping service providers are no exception to the wrath of cybercrimes.

With on-demand, free, and same-day delivery options at fingertips, these services mean that virtually anything is accessible at any time and can be sent straight to the doorsteps. While the shipping services have simplified the process of delivering orders, cybercriminals are exploiting them for foul play with an intent to steal users’ personal and financial data.

Targeting to pilfer user data

Phishing emails or messages highlighting fake shipping alerts or fake tracking updates is a common social engineering trick to lure users. In order to make them look less suspicious, scammers send these texts or emails under the pretext of a known shipping provider like FedEx, DHL, or UPS. Some examples are:
  • Fake delivery preference messages appearing to come from FedEx tricked users into revealing their personal and credit card details. These messages included a link that redirected victims to a customer satisfaction survey.
  • Cybercriminals leveraged overwhelming delivery issues during COVID-19 as a lure to draw the attention of users. These phishing email scams included spoofed delivery tracking websites of DHL, FedEx, and UPS, as a way to steal account information.

Other purposes

In addition to pilfering data, cybercriminals take advantage of the package delivery services to distribute malware.
  • According to a report from Kaspersky, threat actors delivered Remcos backdoor through a fake delivery notification. The malware could allow the attackers to turn the PC to a bot, or install other malware.
  • Trend Micro researchers detected a fake shipment arrival notification from DHL Express that used ACE files to disperse Trojan.Win32.GULOADER.A.

Where users lose to the bad actors

Cybercriminals are using a number of different attack styles centered around package delivery to scam users of their sensitive data. They are upping the ante by creating a spoofed package tracking website. Patrick Hamilton, a cybersecurity evangelist at Lucy Security, highlights that scammers know people like to track their packages and tend to click on links before thinking or checking them.

Beyond phishing email attacks

  • Australian courier and logistics giant, Toll Group, suffered a major blow after it was hit by Maito ransomware. The incident had also affected its parcel delivery service, Global Express.
  • Data belonging to 9 million customers of CDEC Express transportation service was put up for sale on the web for $950. The database contained information about the delivery and location of goods and information about buyers.

Staying safe

People should be wary of emails from unsolicited sources. People should thoroughly check the sender addresses before downloading attachments from shipping providers.