As people socially isolate and work from home, shopping online and home deliveries have increased.
Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware.
In a new report by Kaspersky, researchers see a new wave of phishing scams that utilize a COVID-19 theme and impersonate well-known shipping carriers such as FedEx, UPS, and DHL.
Package delivery phishing use Coronavirus lures
In one of the emails seen by Kaspersky, attackers impersonate DHL and state a package was being held due to the government lockdown during the Coronavirus crisis. It then prompts the users to make corrections to the attachment shipping document, which will then install the Bsymem Trojan.
Fake DHL shipping issue
Another email found by BleepingComputer pretends to be from FedEx and states that due to the Coronavirus "lock-down", a package is being held at the warehouse. They then prompt the user to click on a phishing link to reschedule for pick up.
FedEx phishing scam
Last but not least, threat actors are also sending UPS phishing scams using the same theme as the one we saw with FedEx.
In emails seen by Kaspersky, attackers are pretending to be from UPS customer service and state that a package is being held for pick up due to the Coronavirus outbreak. The recipient is then prompted to open the attachment to see instructions on how to pickup the package.
UPS phishing scam
This attachment is a malware executable that will download and install the Remcos Remote Access Trojan (RAT). Once infected, the attacker will ..
Support the originator by clicking the read the rest link below.
