Scammers preying on last-minute Christmas shoppers with fake deliveries


Scammers are targeting shoppers via fake websites and phishing SMSs, impersonating postal operators and delivery companies.

Singapore-based cybersecurity company Group-IB has identified a phishing campaign impersonating postal and delivery companies’ brands across 53 countries. Most of the detected phishing websites target users in Germany (17.5%), Poland (13.7%), Spain (12.5%), UK (4.2%), Turkey (3.4%) and Singapore (3.1%).

In total, since the beginning of November, 1,539 phishing websites impersonating postal operators and delivery companies were detected. According to the company, there has been a sharp increase of 34% in the number of phishing websites in the first half of December.

ADVERTISEMENT
fake delivery scams
Credit: Group-IB

Just weeks before Christmas, scammers are trying to capitalize on the rush for last-minute gifts by sending SMS messages, often disguised as “urgent” or “failed” delivery notifications. The messages impersonate well-known postal services to trick recipients into visiting scam websites and leaving their personal and payment details.

“With last-minute shopping and the desire to get parcels on time, people tend to be less cautious. Scammers exploit this sense of urgency by sending fake delivery notifications. The high volume of packages being shipped during the holiday season makes it easier for scammers to hide among legitimate delivery services,” says Vladimir Kalugin, Operations Director at Group-IB.

Users of delivery services should stay cautious and verify the authenticity of any delivery notifications they receive. Also, refraining from clicking on suspicious links and cross-checking information with trusted sources are essential to mitigate the risks of falling for fake delivery scams.