Cybersecurity warning over phishing targeting online shoppers [News Article]
Article from Irish Tech News, April, 2020
Reports of a surge in ‘phishing’ emails and text messages falsely claiming to be from courier companies have prompted Smarttech247 to issue a reminder to consumers about the risks of engaging with unknown contacts. Smarttech247 is a leading managed security service provider which has operations in Ireland, Romania, Poland and the US.
Scammers are keen to take advantage of a surge in online shopping and associated deliveries during the COVID-19 public health emergency. In these ‘phishing’ operations, they will send a consumer an email or an SMS that looks like it came from a legitimate courier company, falsely claiming they had a package to deliver or had tried unsuccessfully to do so.
The scammer may demand payment, either to clear ‘outstanding charges’ before delivery, or to secure another appointment for delivery, and include a fake link inside the message. A number of high profile companies have been unwittingly caught up in some of these schemes once again in recent weeks.
General Manager of Smarttech247 Raluca Saceanu says people can be taken in by these scams, even if they haven’t ordered anything online: “Scammers send out thousands of these emails or SMS all the time in a kind of a splatter gun effect. They know that some will be filtered out through spam and many people will delete them straight away.
However, the messages can look so genuine that people who have been doing a lot of shopping, or who might be expecting a package in the post simply assume that’s what it’s about – and hand over their details or allow a transaction to go ahead”.
A close look at those emails or SMS can often reveal some telltale signs that they’re trying to rip off innocent customers:
— How is the message written – are some sentences incomplete or misspelt?
— A legitimate courier company will communicate with customers using a company email address – eg firstname.lastname@example.org, not an email address anyone can get online for free
— Are any included links shortened?
— Hover your cursor over any links in the suspect email – it should bring up the URL of the link destination – is it the website you’re expecting?
— At the start of the email, are you addressed by name? If not, it could be a sign that you’re one of the thousands caught up in the latest round of a phishing scam
Raluca says: “Whether they are demanding you pay a charge or simply that you click on the link in order to update delivery details, once you hand over these details your personal data is at risk. If you’re concerned, double-check the details and try to contact the real courier company to see if they communicate in this way. Verifying by a phone call is a really robust way to protect yourself in a phishing situation”.