There are some really weird and wonderful phishing emails out there (our favourite is still the assassin who let us know we were on his hit list). However, it’s often the more mundane phishing emails that reel victims in. Online shopping is likely to be the main option for many people this year, and it’s something that those unscrupulous phishers are likely to be aware of. As such, we’re taking a look at the delivery phishing email, and how you can stay safe.
What is the delivery phishing email?
The delivery phishing email is an email that lands in your inbox informing you that you have an item ready for delivery or collection, or an item that has just been dispatched.
Phishing scams are also playing on our weaknesses around Christmas. It’s likely that we’re expecting a lot of deliveries, our stress levels are likely to be a little higher if we’re scrambling to get everything purchased and sent before the 25th, and this means we’re less vigilant when it comes to phishing emails.
As such, phishers are more likely to sneak under the radar, particularly if their emails have Amazon’s branding plastered all over them. Phishing emails usually use one of the big brands you know as the recipient. Amazon and eBay are popular choices for phishing scams, because a huge amount of us use these websites regularly, and we’re used to getting emails from them. For phishers, this means that as victims, we’re already feeling secure when we see an email from them.
Next, there’s the hook. There has to be a reason for you to open the email without thinking things through properly, and often that means asking the victim to do something promptly (sometimes with a specific time limit to really speed things along). In the Delivery phishing email, it’ll either be the ability to track your package, or a request for your address. There might be a suggestion that you won’t receive the package until you take action.
Finally there’s the all important link. This is a big tempting button that will purportedly take you to Amazon’s website to input your details. Again if you’re used to shopping online this might not seem unusual, and if you’re in a mad pre-Christmas scramble then it’s likely you’ll click the link and try to get things sorted as fast as possible. Unfortunately, it’s not going to be Amazon’s website on the other end of the link - it could be a direct download of malware, or an imitation designed to get you to input your login details.
Why would a phisher want access to my Amazon account?
A phisher might want access to your Amazon account to purchase a load of items for themselves. But it’s just as likely that they’re after your details to sell them on, or try your login details on a different account - your email for example. Once they have access to your email, they can theoretically get access to every account you’ve linked to your email; after all, where do all those password resets go? That’s why we advise that you use a different password on all your accounts.
Our top tips to avoid a phisher
Take your time
The festive period can often be a crazed rush to the finish line, but it takes a lot more time to recover your accounts from a phishing scam than it does to read an email carefully. Look critically - are there spelling errors? Check the recipient - is it the email address you’d expect? Is there a delivery that you’re expecting an update from?
Hover, don’t click!
The phishers are getting clever, and even if everything looks legitimate that doesn’t guarantee the email is safe. Hover over the links in the email and see where the link is sending you to. If the web address looks suspicious, or you don’t recognise it, don’t click!
Go to the website directly
The easiest way to circumvent phishing emails is to avoid clicking links. Go to the website directly so you can be sure that you’re in the right place. Any information pertaining to a delivery should be accessible through your account. If you’re still in doubt, give them a call - but make sure you use a contact number listed on the real website.
