Yes, you heard that right. Apparently, it is not only shoppers engaging in retail therapy who are taking advantage of shopping websites and apps. This includes hackers launching phishing attacks too! 

Cybercriminals have shown heightened activities in the retail industry. Specifically taking advantage of customers who are getting their shopping done via online deliveries. And they have a very intricate way of doing their phishing attacks.

First, they set up fake websites and use this to gather information about customers. Then, though impersonating postal and delivery websites, scammers send out SMS notifications that read as “urgent delivery” or “failed delivery”. Once clicked, customers are routed to the scammer’s site and asked to “verify information” about their packages. This is done by asking them for their personal and payment information. Unsuspecting customers would provide them willingly to ensure that they get their packages on time.

History of Phishing Attacks

Although there is a significant rise in incidents this year, these phishing attacks are not without precedent. Seasoned retailers know that with the increased shopping activities present a very good opportunity for attackers. As such, business owners have already expected these increases in phishing and other cyber activity. Hence resulting in anticipated cyber stress

phishing attacks on shoppers

phishing attacks on shoppers

Impact of Phishing Attacks on Businesses 

Because these fake sites are impersonations, legit businesses suffer greatly in the process. Seeing that the SMS notifications redirect customers to the pages that look very similar to the legit business, customers are quick to blame them for any mishap or “leak” in their personal and payment information. Thereby resulting in friction between the two parties, when in reality, both are actually victims of the attack

Prevention and Protection against Phishing Attacks

Unfortunately, these cyber attacks are difficult to track and apprehend. Most of the phishing sites limit their activities to focus on easy victims in target countries. Likewise, the fake websites also go dark after a few days or intermittently, stalling or blocking further investigation by law enforcement agencies.  

In a blog post by Vladimir Kalugin, operations director of digital risk protection at Group-IB, he said that “The high volume of packages being shipped…makes it easier for scammers to hide among legitimate delivery services.” and because of this, “We recommend users verify sender details, search through official channels cautiously due to scammers’ mimicry, treat messages as alerts, independently access official websites, and be aware of the ongoing schemes,” Kalugin added.

What Can be Done

True enough, there is no other way to protect customers but to educate them to become consciously aware that this form of fraud is everywhere. By verifying details and checking official websites of the businesses, customers can avoid getting their information in the hands of cyber criminals.  

Similarly, business owners should also take proactive measures from their end and pump up on their website security. Reducing stress by being prepared. Talk to us today and we can help you protect your business and your customers!

Give us a call NOW!

Watch Our Latest Tech Videos From EB Solution

Call Now