The last few weeks of lockdown coinciding with the start of the festive holiday season has lead to a boom in online shopping. The big winners have obviously been the retailers and the delivery companies whose expert logistic networks mean that we get our goods quicker than ever before. Unfortunately, the scammers are never too far away from spreading misery in the season of cheer.
To understand the growing menace of online fraudsters you need to think of their operations as operating exactly the same as a genuine business. They use the same online advertising methods such as Facebook ads to grab the attention of online shoppers and divert them away, using incentives such as offering huge discount on “returned stock” or competitions where entrants are tempted by outrageous prizes. Rarely is there any discounted goods or prizes, rather a sophisticated network that is designed to capture financial and personal date for resale or exploitation.
The lockdowns that we have all experienced in 2020 has seen an explosive growth in e-commerce. With High Street stores being forced to shut, we have been driven online to buy everything from apples to zucchini.
There have been a number of companies that have seen demand for their services boom during the last nine months. Delivery companies certainly fall within this category. Whether it is the likes of Uber Eats, Just Eat and Deliveroo who have ensured we can still “eat out” whilst inside or the parcel delivery companies, demand for their services has rocketed.
However, a growing trend is emerging where fraudsters are looking to take advantage of the boom in home deliveries by impersonating someone from the logistics companies and asking for cash relating to a delivery.
The email on the left is an example of how fraudsters are trying to cash in on the current COVID situation. Most of us are expecting deliveries over the next few weeks in the run up to Christmas and so it may not be out of the ordinary to receive an email from a delivery company.
By only asking for a small amount, people may believe that it is a genuine request – after all fraudsters are always trying to extract the maximum amounts from victims, aren’t they?
Well, no. The cost of producing a “campaign” is minimal – in the case of the email on the left, they aren’t even using a custom domain. Therefore, the return on investment is tiny – one recipient who is fooled into paying the fee probably covers the total cost – which is why they are so widespread.
It isn’t just fake emails we are seeing. Text messages have also been used to try to fool people, using a link that if followed, could result in malware being unwittingly downloaded onto their devices. Fraudsters use URL shorteners to mask the website addresses in these text messages – whilst the website may look genuine, the domain name will give the game away.
Companies such as DPD, Hermes and DHL are fully aware of the issue and have issued guides to customers as to how to avoid being a victim of scams. The point they all make is that the delivery company will never ask for payment from the customer – the correct shipping fees will be included in the total price paid. There may be occasions when additional postage needs to be paid for deliveries via the Royal Mail – in these instances they will notify the recipient before delivery through a notification card posted through the letterbox and ask them to pay in person before a delivery will be made.
There are no lengths to which the fraudsters will go to try to defraud people as these emails prove – this Christmas (and at all times) don’t become one of their victims.