Scammers have employed new tactics to ensure the success of their phishing campaigns ahead of Black Friday and this year’s holiday shopping season, at a time when consumers have abandoned retail stores in favor of online shopping.
Scammers have stopped including malicious links and attachments in their phishing emails as anti-phishing technology becomes much more effective at deterring even the most sophisticated attacks, according to a new report from email security company Inky. Instead, they’ve started creating emails designed to impersonate big brands like Amazon, Target, and Walmart.
These emails that resemble an order confirmation from an online retailer are harmless when opened and do not contain any malware. However, they do include a phone number that potential victims are instructed to call if they believe an order or shipping confirmation was sent to them in error. Receiving an email for items you haven’t purchased can be upsetting, especially if you think you’ve been a victim of identity theft. This creates a sense of urgency and victims often call scammers of their own accord.
If a user calls the number included in one of these emails, someone working for the scammer on the other end of the call will try to extract their payment details and other financial information.
phone scam threat
Over the summer, Inky saw so many of these emails impersonating retail brands that its engineers created a new threat model called phone scams. In the four months since this new threat model was introduced, the firm detected 24,275 of these attacks targeting its customers, and the number continues to grow with Black Friday and Cyber Monday.
Also, these messages are sent using free email services like Gmail and Hotmail which makes it very easy for them to pass email authentication protocols like DMARC. So far Inky has seen scammers use this threat model to impersonate Amazon, PayPal, Target, eBay and other popular online retailers and mobile payment apps.
To avoid falling prey to these phone scam email threats, Incey recommends that potential victims carefully inspect the email addresses, writing and content of these emails to see if they are legitimate. Alternatively, you can open your browser and visit the websites of any of the retailers mentioned in these scams, or even Amazon, and check your order history to see if you have or have anyone in your household. And have ordered the item you received the order. or for shipping confirmation.
Other ways to keep yourself safe online this year’s holiday shopping season include installing antivirus software on all of your devices, using a VPN service when shopping, especially when connected to public Wi-Fi. Using a password manager to create and store strong, unique passwords on and on for everyone. of your online accounts.
We have also highlighted best malware removal software, Best Endpoint Protection Software And best firewall