Thanks to Chris Cope for this look at Festive scams.
Its that time of year when we all spend plenty of money buying presents for loved ones and, in a trend that increases year on year, many of these transactions are carried out online. Online transactions are worth millions of pounds to retailers and its no surprise that criminals are interested in trying to get a piece of that action. We posted earlier this week on the risks of trusting web sites that seemed too good to be true, or not confirming the authentication of the web page as spoofing, and outright mis-selling, remain common tricks. However, some criminals are looking at another vulnerability; deliveries. For those of use who do order a substantial number of items online, the sight of the delivery driver bringing another box or parcel becomes a common one; as does the sight of the “Sorry we missed you” card posted through the letter box. Now it appears that some
criminals are trying to exploit this element of online shopping. My wife received an email yesterday from, what at first glance, appeared to be a reputable delivery company. The contents of the email were, in summary, that a parcel was due to be delivered and the company had found no one in. Could we please complete the attached word document and send it back to them to arrange an alternative delivery time and date? Seems straight forward enough, but on closer examination, the attachment contained malware. Criminals are attempting to cash in on the sheer volume of such deliveries at this time of year, particularly when online retailers use a variety of delivery agents. With so many deliveries, its easy to forget how many parcels you have received out of the number you are expecting.
So how to protect yourself? Well firstly most retailers will state which company they use to deliver your items, so an unexpected communication should be treated with caution. Many delivery agents will leave a physical card if they miss you, so an unsolicited email that doesn’t match those details should cause concern. Naturally, keeping your anti-virus up to speed is important, don’t ignore warnings that appear. Finally, check out the email address of the sender. Some legitimate email addresses have been used in the past, but word of such cons quickly gets around. When we googled the email address of the email sender, there were a large number of warnings from other victims. There really is nothing wrong with learning from the experience of others.
Sadly, at the time of year, in what should be a time of celebration, there are plenty of criminals who look to take advantage. Don’t become a victim, take a few basic precautions and enjoy a Happy Christmas.