Netcraft News

Post Office is new prime target in UK parcel delivery phishing attacks

This article has been indexed from Netcraft News

The coronavirus pandemic resulted in the closure of many bricks and mortar retail stores, forcing UK consumers to adopt online shopping more than ever before. This trend has largely continued in spite of many stores since reopening, as millions of consumers have become accustomed to the practical benefits of online shopping.

Along with this increased volume of online shopping came a new trend of phishing attacks where cybercriminals impersonate parcel delivery companies in an attempt to steal financial details from their victims. Royal Mail and Hermes were popular targets for these types of attack, but most new attacks now impersonate the Post Office.

A text message luring victims to a Post Office phishing site.

A typical text message used to lure victims to a phishing site that impersonates the Post Office.

These attacks are typically disseminated via text message, informing the victim that they have missed a delivery. Sometimes the messages say up front that the recipient must rebook the delivery by paying a small surcharge. The relatively small surcharge is often sufficient to trick victims into believing the phishing site is legitimate, or at least that any risk is minimal, allowing the phisher to obtain the victim’s details and potentially steal a much larger amount.

As most of the attacks are orchestrated via text message, the phishing sites are usually hosted with purpose-bought domain names that include the targeted company’s name in an attempt to be convincing. Some examples include:

  • myhermes-youritem.com
  • reschedule-postoffice.com
  • royalmail-customer.com
  • dpd.delivery.150227811923.com

Some messages instead use generic URL shorteners to take victims to the phishing sites, but this would not necessarily be viewed as suspicious by all recipients, as the use of URL shorteners is commonplace even in legitimate text messages.

Most of the phishing kits used in these attacks also attempt to evade detection by blocking unwanted clients such as bots and anti-phishing organisations, but Netcraft successfully circumvents these checks.

Animated GIF of a Hermes phishing site being navigated. […]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: Post Office is new prime target in UK parcel delivery phishing attacks