(Photo/Reuters)

The "Double 11" period of the e-commerce industry has started, and the Christmas holiday shopping season will be approaching at the end of the year. Various product promotions and discounts are coming in waves, resulting in a large increase in the volume of online shopping flow and packages, and also allowing unscrupulous cybercriminals to take advantage of the opportunity to launch Phishing and fraudulent attacks, through common Email tactics, send emails to check the logistics progress under the name of a well-known brand, and wait for the opportunity to steal personal information and payment information.

According to the "Brand Phishing Report for the Third Quarter of 2022" released by information security firm Check Point, the logistics industry is one of the top targets of brand phishing, second only to the technology industry.

Among the top ten most impersonated brands in the world in fraud cases this season, logistics company DHL soared to the top in the third quarter of this year, accounting for 22% of phishing attacks attempted globally; Microsoft ranked second ( 16%), while LinkedIn slipped to third place (11%).

Please read on...

In this regard, Check Point also issued a warning and emphasized that as the retail industry will usher in the busiest online shopping peak at the end of the year, attackers may specifically target online shoppers as targets, using more ingenious fraudulent tricks or sending messages under false names. Phishing emails that contain malicious URL links or applications in the letter to lure users into being fooled.

When receiving emails or messages claiming to be from a certain company, be cautious and raise awareness of information security, especially when the content of the email contains words such as requesting to share information or to follow the instructions in the letter, and do not trust any electronic mail. Emails, and don’t click on email attachments or links at will, so as not to accidentally fall into the trap of fraudulent groups.

The subject of the email claimed to be "Undeliverable DHL (Package/Cargo)", but it was actually a malicious phishing email.

(Photo flipped by Check Point)

Take the DHL brand, the logistics company that was most frequently impersonated to launch phishing attacks in the third season, as an example. Disguised as being from DHL Express, and in the content of the email, it claimed that a package to be received would be sent out immediately after the recipient address was updated, to induce recipients to click on malicious links; The guide pretends to be a login page similar to the design of the official website. The website will require the recipient to enter a user name and password, but secretly obtain the account password.

But in fact the email was sent from a webmail address "info@lincssourcing[.]com", not DHL Express official.

Brands most frequently used in phishing attacks in Q3 2022

The global ranking of brand presence for all phishing attacks is as follows:

1. DHL (22%)

2. Microsoft (16%)

3. LinkedIn (11%)

4. Google (6%)

5. Netflix (5%)

6. WeTransfer (5%)

7. Walmart (5%)

8. WhatsApp (4%)

9. HSBC (4%)

10. Instagram (3%)