Parcel messaging – a new wave of attacks

Cybercriminals are constantly improving their methods and adapting them to the growing awareness of the dangers of using the Internet. Massively sent SMS or e-mail messages and fast exchange of information between recipients make people more likely to recognise phishing attempts. However, one should bear in mind the dynamics of change that characterises phishing campaigns and the creative approach of their authors.

Previously received messages asked to pay outstanding debts, usually connected with electricity or Internet bills, or courier service fees. In this case, the creators of the phishing campaign departed from the known pattern, because the message received concerns only the necessity to correct the address to which the ordered parcel is to be delivered. After clicking on the attached link, a perfectly crafted page appears, which imitates the official website of DHL. After ticking the appropriate boxes, the victim is asked to provide his data, and after accepting, is added to the list of subscribers, from whom a monthly fee of PLN 44 is collected.

As we can see from the above example, despite using new methods, phishing follows similar patterns. In most cases, cybercriminals require entering a link directing to a spoofed page, where personal or financial data will be required. Entering the link itself does not necessarily mean that your data or money will be stolen, however, such a scenario may occur when fraudsters change their pattern and instead of obtaining data, they aim to infect devices with malware.