Surge in fake delivery websites preying on Christmas shoppers detected
A sharp rise in fake delivery websites preying on Christmas shoppers has been detected by Group-IB, a global expert in cybersecurity technologies.
In early December, a 34% surge in such websites was noted, with 587 identified. This phishing campaign is reportedly spanning 53 countries and significantly impacts postal brands worldwide.
Scammers are exploiting the festive season rush by sending deceptive SMS notifications and employing evasion tactics based on geography.
Among the key findings, Singapore accounted for 3.1% of users targeted by the detected phishing pages. The scammers use methods such as "typosquatting" and geographical restrictions to evade detection, with these deceptions being limited to certain countries. To mitigate this risk, Group-IB advises users to verify delivery notifications, avoid suspicious links, and cross-reference information.
Vladimir Kalugin, Operations Director (Digital Risk Protection) at Group-IB, underscores the scammers' exploitation of last-minute shopping urgency and stresses the need for increased user vigilance.
He said, "Scammers exploit this sense of urgency by sending fake delivery notifications. The high volume of packages being shipped during the holiday season makes it easier for scammers to hide among legitimate delivery services."
"We recommend users verify sender details, search through official channels cautiously due to scammers' mimicry, treat messages as alerts, independently access official websites, and be aware of the ongoing schemes."
Fake delivery scams have spiked in December, a time when delivery companies are busiest due to the surge in online orders. Scammers are creating hundreds of websites that mimic real postal brands daily, with the highest volume of phishing resources recorded on December 8, 2023.
The affected postal brands include those in 53 countries, with most phishing pages targeting users in Germany (17.5%), Poland (13.7%), Spain (12.5%), the UK (4.2%), Turkey (3.4%), and Singapore (3.1%).
Besides targeting postal services, scammers are also exploiting telecom operators, banks, and toll services. They use various evasion techniques to avoid detection by authorities and cybersecurity researchers, limiting access to their scam websites based on geography and allowing access only from specific countries where they target victims.
Group-IB further observed that these fake resources only exist for a few days, making it challenging for security experts to investigate and for traditional anti-scam solutions to detect them. Impersonated brands inevitably bear the brunt of these campaigns, with unhappy customers acting swiftly. Brand owners need to detect and respond quickly to such threats.
To counter them, Group-IB states businesses should invest in automated, machine-learning-powered digital risk protection systems that incorporate scam intelligence and can ascertain fraudulent infrastructure at early stages, thereby initiating the takedown process.