Delivery company phishing emails – things to be aware of…
With Black Friday and Cyber Monday now just a memory, we turn our attention to the Christmas shopping season. More and more of our shopping is done online, and this year, with everything that has been going on, even more people are expected to head to the virtual shops. For that reason we must be more vigilant than ever, as scammers will be looking to exploit us in any way they can.
During the last few weeks, we have seen a prevalence of email phishing scams purporting to be from delivery companies. Some are more sophisticated than others, but either way we need to be on the lookout for the tell-tale signs of whether an email is legitimate or not.
Who is the email from?
You get an email claiming to be from ‘DHL Customer Support’, for example. It includes their logo and some text at the bottom taken from one of their actual emails, but is it from them? The first place to check is the ‘From’ address – it may say ‘DHL Customer Support’ is the sender, but is it from a DHL domain? Your first tell-tale sign: if it is from a Gmail, Hotmail or other non-DHL domain, especially something that doesn’t end in .com or .co.uk, then it is obviously a fake, so go ahead and delete it.
Who is it addressed to?
If it is a legitimate email, then the likelihood is that they will have some of your personal information: your name, for example, or the name of the company you may have bought something from, or even the item itself or the order number. So, another way to spot a potential fake is to see who the email is addressed to. Is it your email address, i.e. Dear firstname.lastname@example.org? If they use just your email address a few times within the email, then this should arouse your suspicions. Also, be aware that they may use order numbers and other references within the mailer, but if there is no other personal data, then chances are it is a fake and can be deleted.
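The two checks described above (sender domain versus claimed brand, and a greeting that uses the email address), written out as an added example that is not part of the original post. The brand allow-list, the webmail list and the sample messages are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr

# Assumed allow-list of sender domains per courier brand (illustrative, not exhaustive).
BRAND_DOMAINS = {"dhl": {"dhl.com"}, "dpd": {"dpd.co.uk"}}
# Assumed list of free webmail domains a delivery company would not send from.
FREEMAIL = {"gmail.com", "hotmail.com", "outlook.com", "yahoo.com"}


def domain_matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def check_email(from_header, recipient, body):
    """Return a list of warnings for the 'from' and 'addressed to' checks."""
    warnings = []
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()

    # Check 1: the display name claims a brand, but the address is not on its domain.
    for brand, allowed in BRAND_DOMAINS.items():
        claims_brand = re.search(rf"\b{brand}\b", display, re.I)
        if claims_brand and not domain_matches(domain, allowed):
            warnings.append(f"display name claims {brand.upper()} but domain is {domain}")
    if domain in FREEMAIL:
        warnings.append(f"sent from free webmail domain {domain}")

    # Check 2: the greeting uses the recipient's email address instead of a name.
    if re.search(rf"\b(dear|hello|hi)\s+{re.escape(recipient)}", body, re.I):
        warnings.append("greeting uses the email address, not a name")
    return warnings


if __name__ == "__main__":
    # Constructed sample message, not a real email.
    sample = check_email(
        "DHL Customer Support <dhl.support.team@gmail.com>",
        "jane.doe@example.org",
        "Dear jane.doe@example.org, your parcel is waiting.",
    )
    for line in sample:
        print("WARNING:", line)
```

An empty result only means these particular signs are absent. The From header itself can be forged, so a matching domain does not prove the email is genuine.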
Below are examples of recent emails received by some of our members of staff on their personal accounts.
As you can see in the zoomed-in image from the first example, although it is claiming to be from DPD Local, it has actually come from ‘Fred_ferreira_@hotmail.com’. It is also addressed to the recipient’s email address and not their name.
The body of the text also uses the email address and no other personally identifying information. It also stated that “your parcel will be kept in our main DPD warehouse (78 Vandon St, Westiminster) until November 30, 2020. After this period, it will be returned to the sender.” This email was sent on the 30th November, whereas delivery companies almost always give 7-10 days before returning to sender. Also, they will return to the local hub and not a national one. Essentially, these are all just signs that the email is bogus.
Again, look at the sender. Supposedly it is DPD | UK Services, but they haven’t masked their address, so it is showing that it has come from email@example.com. Again, it is addressed only to the email recipient with no other personally identifiable information. It is also asking you to pay a fee in order for the parcel to be released. We know that items are returned to sender and they arrange redelivery; you will never be asked to pay for a delivery by the delivery company.
The above represent just a few examples of emails we have seen recently. It is important to stay vigilant as, unfortunately, occasionally emails do sneak through spam filters.
We hope that this blog will give you some points to look out for in order to keep your accounts safe. For more examples, and other things to look out for, have a look at this blog we published last year.
Stay safe out there.