DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place and Google to fourth.
This is not surprising: the last quarter of each year includes Black Friday, Cyber Monday and the Christmas shopping season, so phishing lures built around parcel deliveries naturally increase in volume.
DHL is an international parcel delivery and express courier service, delivering more than 1.6 billion packages a year.
Thus, phishing campaigns impersonating the brand have a good chance of reaching people waiting for a DHL package to arrive during the holiday season.
Specific decoys range from a package stuck at customs requiring action for customs clearance to supposed tracking numbers hiding in document attachments or embedded links.
According to a report by threat intelligence firm Check Point, the top ten brands spoofed by phishers in Q4 2021 are:
- DHL (linked to 23% of all phishing attacks worldwide)
- Microsoft (20%)
- WhatsApp (11%)
- Google (10%)
- LinkedIn (8%)
- Amazon (4%)
- FedEx (3%)
- Roblox (3%)
- PayPal (2%)
- Apple (2%)
In an example from the Check Point report, a phishing campaign used spoofed DHL customer support email addresses to send a "shipping notification" message.
In this case, the email asks the recipient to verify their identity, which takes place on a phishing page designed to look exactly like the real DHL site.
In the FedEx decoys sampled by Check Point, the actors claim they cannot deliver the package to the recipient and ask the victim to enter their details on a phishing site.
Finally, there is a sinister PayPal phishing specimen that asks the target to "confirm their account information" to lift a temporary suspension of the account.
Keep Calm and Stay Alert
The best way to deal with incoming emails that make bold claims and demand immediate action is to be cautious and not act on them straight away.
Instead, open a new browser tab, navigate to the alleged sender's official website by typing the address yourself or using a bookmark, confirm that the URL in the address bar is the genuine one, and only then log into your account. If any action is required on your part, the relevant alerts will be shown there.
Never click on buttons or links embedded in such emails, and avoid downloading and opening documents that arrive via unsolicited communications.
Phishing relies on creating a sense of urgency, so whenever an email causes you distress, consider the possibility that it is an attempt to trick you into disclosing sensitive information.
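As an added, runnable illustration of the two tells described above (a spoofed "customer support" sender address and an embedded tracking link that does not lead to the brand's own site), here is a small Python triage script. It is an example written for this page, not code from the Check Point report or from DHL. The sample message is constructed, the .example domains are reserved placeholders rather than real sites, and the allowlist of legitimate domains (dhl.com only) is an assumption made for the example.

```python
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the "shipping notification" lure described
# in the article. It is not a real phishing specimen; the .example domains
# are reserved placeholders.
SAMPLE_EMAIL = """\
From: "DHL Customer Support" <support@dhl-parcel-notice.example>
To: recipient@example.com
Subject: Shipping notification - action required
Content-Type: text/plain; charset=utf-8

Your parcel is held at customs. Verify your identity to release it:
https://dhl.com.parcel-verify.example/track?id=12345
"""

# Assumption: dhl.com is the only domain treated as the brand's legitimate
# sending and landing domain here. A real deployment would maintain this list.
LEGIT_DOMAINS = {"dhl.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable_domain(host: str) -> str:
    """Return the last two DNS labels of a host name.

    This naive rule is enough to expose prefix tricks such as
    dhl.com.attacker.example. Production code should use the Public Suffix
    List so that hosts under co.uk and similar suffixes are handled.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def message_body(msg: Message) -> str:
    """Concatenate the decoded text/plain and text/html parts of a message."""
    chunks = []
    for part in msg.walk():  # walk() yields the message itself if not multipart
        if part.get_content_type() in ("text/plain", "text/html"):
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(payload.decode(charset, "replace"))
    return "\n".join(chunks)


def check_email(raw: str, brand: str = "dhl", legit=LEGIT_DOMAINS) -> dict:
    """Flag a From display name that claims the brand while the address
    domain is not the brand's, and embedded links whose registrable domain
    is not the brand's."""
    msg = message_from_string(raw)
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = registrable_domain(address.rpartition("@")[2]) if "@" in address else ""

    display_name_spoof = brand in display_name.lower() and sender_domain not in legit

    suspicious_links = []
    for url in URL_RE.findall(message_body(msg)):
        host = urlparse(url).hostname or ""
        if registrable_domain(host) not in legit:
            suspicious_links.append(url)

    return {
        "sender_domain": sender_domain,
        "display_name_spoof": display_name_spoof,
        "suspicious_links": suspicious_links,
    }


if __name__ == "__main__":
    for key, value in check_email(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

Run against the sample, the script reports the sender's registrable domain (dhl-parcel-notice.example), flags the display name as a brand spoof, and lists the customs-clearance link because its registrable domain is parcel-verify.example, not dhl.com, despite the "dhl.com." prefix. The check is deliberately simple: it does not see through URL shorteners, open redirectors on legitimate sites, or a genuine domain that has been compromised, which is why the advice above to navigate to the brand's site yourself still stands.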