‘Delivery scams’ could target your holiday shopping, experts warn

News

SPARTANBURG, S.C. (WSPA) — With more shoppers spending their cash with online retailers this year, tech experts are warning of the rise of delivery scams. According to Check Point Software Technologies, Ltd., the frequency of the crimes spiked 427% from October to November. The scam starts with phishing and could lead to thousands of dollars lost.

โ€œIโ€™ve seen the fake emails that have come out,” Tech After Five Founder Phil Yanov said. In the emails, scammers pretend to be companies like UPS, DHL, FedEx or Amazon, sending bogus “Track My Order” emails or lost shipment emails.

Interacting with the scams could lead confused users to enter financial, personal or other information, forfeiting priceless data to criminals.

To spot the scam emails, Check Point has six points of advice:

  1. Never share your credentials: Credential theft is a common goal of cyberattacks. Many people reuse the same usernames and passwords across many different accounts, so stealing the credentials for a single account is likely to give an attacker access to a number of the userโ€™s online accounts. 
  2. Always be suspicious of password reset emails: If you receive an unsolicited password reset email, always visit the website directly (donโ€™t click on embedded links) and change your password to something different on that site (and any other sites with the same password). 
  3. Verify you are using a URL from an authentic website: One way to do this is not to click on links in emails, and instead click on the link from the Google results page after searching for it.
  4. Beware of lookalike domains: Spelling errors in emails or websites, and unfamiliar email senders.
  5. Always note the language in the email: Social engineering techniques are designed to take advantage of human nature. This includes the fact that people are more likely to make mistakes when they are in a hurry and are inclined to follow the orders of people in positions of authority. Phishing attacks commonly use these techniques to convince their targets to ignore their potential suspicions about an email and click on a link or open an attachment.
  6. Watch for misspellings: Beware of misspellings or sites using a different top-level domain. For example, a .co instead of .com. Deals on these copycat sites may look just as attractive as on the real site, but this is how hackers fool consumers into giving up their data.

If an email seems suspicious, Yanov said, it probably is. His advice? Delete it.

“Thereโ€™s nothing to be learned here,” he said. “Iโ€™m not going to outsmart some dude in another country sending out fake emails.”

Copyright 2021 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

High School Standouts
Ask the Expert
Livin' Upstate
Find A Job
wspa news app free for download choose your store below
download the wspa news app from the apple app store
download the wspa news app from the google play store