Fake parcel scam mimics DHL shipment notification as email scams ramp up for Christmas

Aussie businesses are being advised to be more vigilant than ever as the year reaches its conclusion, as more and more scammers are attempting to take advantage of the busy Christmas period to catch SMEs unaware.

Over the past few years, email scam attempts have increased during periods such as Easter and Christmas due to business owners and their employees being increasingly time-poor as both the weather and business heat up.

And the trend hasn’t stopped in 2018, with MailGuard reporting email inboxes across the country are currently being sprayed with a fake parcel collection notice purporting to be from international shipping giant DHL.

The email appears similar to a legitimate DHL shipping notification and contains what looks like a real tracking number. It includes numerous links which either invite recipients to view the tracking details or to download an attached file to schedule a delivery time.

An example of the fake email. Source: MailGuard.

However, when clicked, the link takes users to a fake sign-in page which harvests their usernames and passwords, likely for use on other sites and payment services such as PayPal.

Multiple variants of the email were detected by MailGuard, with some leading just to a blank page, and others downloading malware onto users' computers.

“We all love getting something (aside from a bill) in the mail, and with online shopping more popular than ever, it’s sometimes hard to keep track of what parcels we’re expecting,” MailGuard wrote.

“The criminals behind this scam prey on people’s busy lives and curiosity.”

When it comes to protecting your business, the common advice is to train staff about the risks, create numerous backups of any sensitive data, and avoid clicking on any links you're not familiar with.

While this advice is generally best practice, experts have told SmartCompany in the past that sometimes it's best for businesses to just bite the bullet and get some strong anti-virus software in place.

“Business owners should be putting the right things in place, which means the right antivirus and the right mail filter. That keeps these things filtered out, and even if it gets to users, the payload will be stopped,” founder of IT services firm Combo David Markus told SmartCompany last year.

“You can avoid that cost in your business by doing staff training but the risk is huge you’ll just be hoping staff don’t inadvertently click on something after lunch.”

In a statement on its website, DHL warns its customers against similar scams and advises anyone unsure about the legitimacy of such emails to check the tracking number on the DHL website.

“Please be advised that if you received an email suggesting that DHL is attempting to deliver a package requesting that you open the email attachment in order to affect delivery, this email is fraudulent, the package does not exist and the attachment may be a computer virus,” the company said.
