‘Tis the season for delivery scams

‘Tis the season for delivery scams: hackers are snowing businesses with delivery notification phishes.

DH double L

Check Point (a cyber security company) reported in October that DHL replaced LinkedIn as the most spoofed brand in phishing in the third quarter.

The picture below from the Check Point blog shows an example of a typical DHL phish.

Phishing for business

Of the top ten most spoofed brands, the top four show how hackers are targeting businesses. The percentages show appearance in phishing messages.

  1. DHL (22%)
  2. Microsoft (16%)
  3. LinkedIn (11%)
  4. Google (6%)


Made In Canada

In Canada we’re definitely seeing an increase in Canada Post delivery phishing emails. In the example below you can see how the phishers copied the format of a real Canada Post email in the header. They couldn’t hide their email address, which is clearly not Canada Post.

The real Canada Post email address is in both English and French. In the real email from Canada Post below you can see the address is @notifications.canadapost-postescanada.ca.

As well, you can check by carefully getting the link information from the button. Right-click the Start the shipping process button, choose Copy Hyperlink and paste into Notepad. Don’t use Word because it will helpfully (sarcasm alert) convert the link into words. The pasted link is definitely not the Canada Post web site.
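The two manual checks above (the sender address and the link behind the button) can also be run over a saved message. This Python sketch is an added example, not part of the original post; the sample message, its addresses and the rule that genuine links stay on canadapost-postescanada.ca are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Sender domain taken from the real Canada Post address quoted above.
TRUSTED_SENDER = "notifications.canadapost-postescanada.ca"
# Assumption: genuine links stay on the same registered domain.
TRUSTED_LINK_BASE = "canadapost-postescanada.ca"

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag, i.e. what 'Copy Hyperlink' reveals."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.extend(v for k, v in attrs if k == "href" and v)

def on_domain(host, base):
    """True only for base itself or a real subdomain, not look-alikes."""
    host = (host or "").lower().rstrip(".")
    return host == base or host.endswith("." + base)

def check_message(raw):
    """Report whether the From address and every link match the trusted domains."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))  # ignore the display name
    sender_domain = addr.rpartition("@")[2].lower()
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    bad_links = [u for u in parser.links
                 if not on_domain(urlsplit(u).hostname, TRUSTED_LINK_BASE)]
    return {"sender_ok": sender_domain == TRUSTED_SENDER,
            "sender_domain": sender_domain,
            "bad_links": bad_links}

# Constructed sample: display name says Canada Post, address and button do not.
SAMPLE = """From: "Canada Post" <notice@parcel-update.example>
Subject: Your package is waiting
Content-Type: text/html

<a href="https://canadapost-postescanada.ca.track.example/start">Start the shipping process</a>
"""
```

Calling `check_message(SAMPLE)` flags both the sender and the button link, including the look-alike host that merely starts with the real domain name.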


Be sure to let your staff know about an increase in DHL and other delivery phishing scams this quarter. Note the top four brand impersonations this quarter (DHL, Microsoft, LinkedIn and Google). I have more info on phishing from this spring blog.