The COVID-19 pandemic continues to impact supply chains for countless industries around the world. Unfortunately, cybercriminals are using problems like shipping delays to their advantage. Recently cybercriminals started using the possibility of a delayed or missed shipment as phish bait.
The scam starts with an email that appears to come from a reputable shipping company (FedEx, UPS, or USPS) or a trusted online store (Amazon, Etsy, Walmart). The email urges you to click on a link to download an important shipping confirmation document. If you click the link, you’ll be taken to a login webpage that asks for your email and password. Unfortunately, the email was actually sent by cybercriminals and the link leads to a well-designed phishing webpage. Any information that you enter on the webpage will be sent straight to the cybercriminals.
To stay safe from similar scams, remember the following tips:
- Watch out for a sense of urgency. These types of scams rely on impulsive actions, so always think before you click.
- Never click on a link or download an attachment in an email that you were not expecting.
- If you are expecting a shipment and receive a related email, confirm that the email is legitimate before clicking any links in the email. Look for details such as the order number, the purchase date, and the payment method.
If you suspect you have been duped by this type of phishing scams, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost. And be sure to contact your bank immediately.
Your security is our top priority.