SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Check Point warns of surge in phishing scams as hackers impersonate delivery vendors
Fri, 4th Dec 2020
FYI, this story is more than a year old

There is a surge in email phishing campaigns targeted delivery vendors as hackers seek to take advantage of the holiday shopping season, according to new research from Check Point.

Hackers are impersonating trusted delivery vendors, like Amazon, DHL and FedEx, to commit financial fraud. The emails are designed to trick recipients into disclosing their personal details by using message guises of “Delivery Issue” or “Track your Shipment”.

Hackers are timing these email phishing campaigns to coincide with the anticipation of package deliveries for online shoppers who made purchases during the holiday shopping season, where US consumers spent $9 billion online on Black Friday, up 21.6% on a year ago, according to Adobe Analytics.

According to Check Point, hackers are targeting both the before and after sides of the online purchasing experience. Two weeks ago, Check Point researchers documented an 80% increase in malicious phishing campaigns targeting online shoppers in the form of “special offers”, urging shoppers to be wary of “too good to be true” bargains found online. In fact, 1 out of every 826 emails delivered to users worldwide are malicious phishing emails, where the ratio at the beginning of October was 1 out of more than 11, marking a 13x increase.

400% European increase in shipping-related phishing

In the month of November, Check Point researchers documented a 400% European increase in shipping related phishing emails, compared to October. Emails impersonating DHL made up 56% of the total volume of shipping-related phishing emails, followed by Amazon at 37%, and FedEx at 7%.


Europe topped the list in terms of total number of phishing emails. The numbers grew over four times (401%) compared to October. 77%  of these emails in November were fake DHL mails.


In the US, the increase was similar (427%) comparing November to October. The leading impersonated brand was Amazon with 65% of all phishing emails impersonating different Amazon shipping related notifications.

Asia Pacific (APAC)

APAC showed a more moderate, though significant, increase (185%) with DHL accumulating almost 65% of the total phishing emails.

“Hackers are going after the entire online shopping experience, before and after people have made purchases," says Check Point manager of data intelligence, Omer Dembinsky.

"First, hackers will send “special offers” to peoples' inboxes from their favourite brands. Then, hackers will send an email about the delivery of purchases, even if you bought from a trusted source," he explains.

"Now that Black Friday and Cyber Monday are over, we're turning towards the other side of the equation, which is deliveries. Think twice as you open up any post-purchase emails this holiday season.

"The email could be from a hacker. Take a closer look at any email that alleges they are from Amazon, DHL or FedEx. Watch for misspellings. Beware of Lookalike Domains. It's clear to us that hackers are targeting online shoppers at every step of the online shopping experience, where the danger is very real before and after you make a purchase.