As we all stayed at home during the pandemic, there was a surge in demand for home deliveries; and that huge increase in activity has proved the perfect smokescreen for scammers. They use the fact that many people have some sort of delivery ‘on its way’ to send text communications designed to trick them into handing over data from fake links and websites.
Fake text messages are commonly referred to as ‘smishing’ attacks, described by Norton as:
“when someone tries to trick you into giving them your private information via a text or SMS message… Smishing is particularly scary because sometimes people tend to be more inclined to trust a text message than an email. Most people are aware of the security risks involved with clicking on links in emails. This is less true when it comes to text messages.”
Further evidence that the explosion in deliveries has attracted the scammers, comes from the corresponding dip in fake messages where the scammer is pretending to be from a bank, or other financial services company. Those attempts typically tell you that ‘your account has been compromised and that you need to move money to a safe place’. Over the same 2020/21 period they have fallen from 37% to 23% of reported scam texts.
Sarah Lyons, deputy director for Economy & Society at the National Cyber Security Centre, said that Proofpoint’s findings prove that scammers choose to:
“regularly exploit well-known, trusted brands for their own personal gain” and that these messages “can be very hard to spot”.
McAfee’s VP, Antony Demetriades, said that Proofpoint’s findings show that:
“Following nearly 18 months of lockdowns, working from home, and store closures, it’s not surprising that we’ve seen an increase in online criminals tapping into consumer online shopping habits with fake parcel delivery scams. Scams, fraudulent emails and texts are a common tactic used by online criminals, as it enables them to target a large number of consumers with the same text or email, with the aim of gathering personal information. These fake parcel delivery scam messages can trick consumers into visiting malicious websites that can be used to install malware or steal personal or financial information and passwords” he said, adding that “it’s also important to remember that official organisations will never ask for personal or financial information via text, phone or email”.
Katy Worobec, Managing Director of Economic Crime at UK Finance, said:
“Criminals are experts at impersonating a range of organisations and have capitalised on the pandemic, knowing that many of us will be ordering goods online and awaiting parcel deliveries at home. ”
“We are urging people to … always stop and think whenever you get a text message out of the blue before parting with your information or money. Always avoid clicking on links in a text message in case it’s a scam and forward any suspected scam text messages to 7726… so that the criminals responsible can be brought to justice.”