Cyber gangsters use the DPD parcel service to obtain the credit card details of unsuspecting victims.
Enlarge
Parcel service as a camouflage for theft of credit card details
© Petra Figueroa / Shutterstock.com
The Austrian IT security website Mimikama warns of phishing emails that claim to come from DPD.
The mails claim to be an update to a package. The delivery address given for the package is incomplete. Therefore, the addressee must provide further information and update his address. He can do that via the link directly in the mail.
As always, you should display the correct sender name in your mail program. This can be done, for example, by moving the mouse pointer over the sender address. In this case you will see that the mail comes from “[email protected]”, that is, from an e-mail address with a Brazilian top-level domain. An extremely unsuitable sender address for DPD.
If you click on the link behind “Update address” anyway, you get the information that a delivery attempt allegedly failed today. You now have to agree on a new delivery date – there is no longer any question of the delivery address being incomplete. If you actually click on the red button with the text “Postpone delivery”, a delivery fee will be charged! To pay for them, you have to enter your credit card details. Which finally brings us to the goal of this phishing attack: The cyber gangsters want your credit card details.
Always ask yourself:
Am I expecting a package at all? Is the text of the mail plausible? In this case there was an obvious contradiction. Always check the actual return address – in this case it is from Brazil. But above all: you never have to enter your bank or credit card details to collect a parcel. So delete such emails.
Lately there has been a huge amount of phishing emails on various subjects.
Here is the overview: