Note the spelling errors or other unprofessional wording—phishing emails surged 400+% in Europe and the USA in November.
We all know by now that this year’s unprecedented e-commerce surge comes with unprecedented cybercriminal attacks as well.
During the month of November, there was the expected dramatic spike (440%) in phishing emails compared to the previous month. In tune with the year-end shopping trends, the phishing emails have been tweaked to impersonate shipping-related processes.
Unlike classic phishing emails that are designed to lure people into giving personal details, credit card info or bank account credentials, shipping-related phishing emails specifically report a “delivery issue” or “Track your shipment” details.
All such campaigns try to lure the recipients to submitting details and stealing credentials or financial data. Researchers from Check Point Research believe that hackers have specifically chosen this vector in November because as they know that large numbers of online shoppers are waiting for their packages to arrive and are more attentive to shipping-related emails while they may be more aware of more traditional e-commerce related fraud and phishing attempts.
To gather the most traction, hackers have tied most of the phishing content to internationally-known shipping companies such as DHL, Amazon and FedEx. Emails impersonating DHL personnel made up 56% of the total volume of shipping-related phishing emails, followed by Amazon with 37%, and FedEx with 7% of total.
In terms of total number of phishing emails unleashed onto unsuspecting e-shoppers, Europe topped the list, and the numbers grew over four times (401%) compared to October. Some 77% of these emails in November were fake DHL mails, according to Check Point’s data.
In the US the increase was similar (427%) comparing November to previous month. The leading impersonated brand was Amazon with 65% of all phishing emails impersonating different Amazon shipping-related notifications.
The Asia Pacific region showed a more moderate, though still-significant increase (185%) with DHL accumulating almost 65% of the total phishing emails.