DHL is the brand that phishing messages most often claim to come from. We are talking about almost a quarter of all fake messages sent worldwide. The brand names of Microsoft, WhatsApp and Google are also regularly abused by cybercriminals.
This is according to research by cybersecurity company Check Point. Researchers limited themselves to phishing messages sent in October, November and December 2021.
This is phishing in a nutshell
Phishing is a form of online crime in which the perpetrators try to collect as much personal data, payment details or other sensitive information as possible from unsuspecting victims. Cybercriminals often try to scam people by e-mail, but today it happens more and more often via SMS, also known as smishing, or via WhatsApp. In the latter case, we speak of WhatsApp fraud, help request fraud or friend-in-need fraud.
At first glance, a message seems to come from a reliable party. The company logo is used, the messages contain fewer and fewer language errors and the content of the messages often relates to current events. Recognizing a phishing message is therefore far from easy.
The message usually contains a link or URL that redirects victims to a rogue page. Information that victims enter here ends up in the hands of fraudsters. What we also see in practice is that cybercriminals use such messages to convince people to download a virus, spyware or another form of malware. Once installed, the software goes to work and quietly sends privacy-sensitive information to the scammers.
DHL, Microsoft and WhatsApp most abused by cyber criminals
In the fourth quarter of 2021, more phishing messages were sent on behalf of DHL than of any other brand. A whopping 23 per cent of all fake messages in the last three months of last year allegedly came from the courier company. That is a significant increase: in the third quarter, only 9 per cent of the fake messages claimed to be from DHL.
DHL leads the list of brand names most commonly abused for phishing. With this, the parcel carrier pushes Microsoft from the throne. The American hardware and software company was in first place in the third quarter of last year with a share of 29 per cent. In the past three months, Microsoft’s share has shrunk to 20 per cent.
In third place, we find another well-known company, namely WhatsApp. In three months, the chat application rose from sixth to third place. One in nine fake messages (11 per cent) is sent in the name of WhatsApp. Google and LinkedIn complete the top five with a share of 10 per cent and 8 per cent respectively. In places six to ten, we find Amazon (4 per cent), FedEx (3 per cent), Roblox (3 per cent), PayPal (2 per cent) and Apple (2 per cent).
FluBot pretends to be a courier company’s app
The researchers believe that DHL’s explosive growth is due to the many discount campaigns in the last three months of last year. For example, there were Black Friday and Cyber Monday, and of course Sinterklaas and Christmas. The ongoing corona pandemic may also have played a role. Because people regularly had to stay at home for longer periods and the shops were closed, they ordered their products online more often.
In the Netherlands, Belgium and other European countries, SMS messages were regularly sent on behalf of a parcel delivery service. The message said a package was on its way to the victim. To see when it would be delivered, they had to download an app.
Once installed, the application didn’t do much at first. At least, so it seemed. In reality, it was collecting financial data. The malware also changed transaction amounts and bank account numbers when someone tried to transfer money. Finally, the malware spread by sending text messages to all contacts a victim had on his or her smartphone. You may know this rogue application under the name FluBot.
Last summer FluBot posed not as a courier service, but as a voicemail message. At the beginning of this year, FluBot disguised itself as a Flash Player.
Tips to avoid becoming a victim of phishing
Check Point advises everyone not to click on a link or open an attachment, even if it appears to be from a well-known party. First, take a good look at the sender by checking which domain name the URL refers to. Also, don’t just share personal information because someone asks for it. It also helps to keep abreast of recent threats. Finally, follow your intuition. Does a gut feeling tell you that something is not right? Then don’t ignore it.
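The domain check from the tip above, written out as an added Python example; it is not part of the original article or of Check Point's research. The brand-to-domain table and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: one official domain per brand (not exhaustive).
OFFICIAL = {"DHL": "dhl.com", "Microsoft": "microsoft.com", "WhatsApp": "whatsapp.com"}

def check_link(url, claimed_brand):
    """Classify the link in a message that claims to come from claimed_brand.

    Returns "official", "lookalike", "unrelated" or "no-host".
    """
    parts = urlsplit(url.strip())
    if not parts.hostname:
        return "no-host"
    host = parts.hostname.rstrip(".").lower()
    domain = OFFICIAL[claimed_brand]

    # Text before "@" is login info, not the destination: it can put a
    # trusted name at the front of a link that actually goes elsewhere.
    if parts.username is not None:
        return "lookalike"
    # Only the domain itself or a true subdomain of it counts as official.
    if host == domain or host.endswith("." + domain):
        return "official"
    # Brand name embedded in someone else's domain, or non-ASCII / punycode
    # labels that can imitate Latin letters.
    if claimed_brand.lower() in host or not host.isascii() or "xn--" in host:
        return "lookalike"
    return "unrelated"

# Constructed sample links (.example is a reserved TLD, these are not real sites).
SAMPLES = [
    "https://www.dhl.com/track?id=1",
    "https://dhl.com@parcel-status.example/track",
    "http://dhl.com.parcel-status.example/",
    "https://dhl-tracking.example/app.apk",
    "https://notdhl.com/",
    "https://weather.example/",
]

def classify_samples(brand="DHL"):
    """Run check_link over the constructed samples."""
    return {url: check_link(url, brand) for url in SAMPLES}

if __name__ == "__main__":
    for url, verdict in classify_samples().items():
        print(f"{verdict:10} {url}")
```

What counts is the end of the host name, not where the brand name first appears in the link.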
To ensure that you do not become the next victim of phishing, it is good to take a number of measures. Does an online service offer two-step verification? Then activate it. Scammers then need a verification code in addition to your username and password to log in, and that code is accessible only to you.
Another tip we give you is to set up your spam filter properly. This stops the majority of all fake messages. Are you asked to provide personal information? First, check whether the page uses an HTTPS connection. If there is a padlock icon next to the address bar, the connection is secure. Keep in mind that the padlock only says the connection is encrypted, not that the page belongs to the company it claims to be, so check the domain name as well.