Recent research conducted by Check Point Research (CPR), Check Point’s Threat Intelligence division, reveals an increase in scams around Halloween, especially those related to fake couriers. To be “imitated” in these phishing attempts would be above all the couriers DHL, among the most respected delivery companies in Europe.
The report reveals that the most imitated brand in the third quarter of 2022 is DHL, which thus takes away the place of Linkedin which had been the favorite disguise of cybercriminals in the second quarter. Microsoft is currently in second place (16%) while LinkedIn is down to third, with 11% of scams (compared to 52% in the first quarter and 45% in the second).
DHL’s rise could be partly due to a major global scam and phishing attack that the logistics giant itself reported a few days before the start of the quarter. In the top 10 he also arrived, for the first time, Instagramfollowing a phishing campaign linked to blue badges reported in September.
Below is the ranking of the most “imitated” brands in the third quarter of 2022
The fake Halloween courier scams: how they work
One of the most widespread phishing campaigns in the third quarter – observed by CPR – concerns the one sent from a webmail address “info @ lincssourcing[.]com “. This is created to look like “DHL Express” invitation. The email contained the subject “Undelivered DHL (Parcel / Shipment)” – undelivered package – and the content (as in the image below) tried to persuade the victim to click on a malicious link to update the address of delivery and ensure that delivery takes place. The recipient site then asked for an email and password, which would end up in the possession of the scammers.
CPR reminds you to never trust emails from suspicious addresses. In this regard, we recommend reading our guide on how to defend against phishing attacks.