By Tom Latek
Kentucky Today
During the holiday shopping season, many people are waiting for packages and checking shipping updates from delivery companies, so cybercriminals exploit this by sending fake messages that appear to be from legitimate delivery services.
These messages often claim there is a problem with a delivery or ask you to take some kind of action to get your package, but they actually contain harmful links.
According to data from NordVPN’s Threat Protection Pro, malicious postal service websites have surged by 86 percent over the past month. Analysis of specific carriers reveals that DHL was the most impersonated brand among all postal services, with fake websites impersonating the company increasing by 206 percent month-over-month.
DPD Group ranked as the second-most impersonated brand, though malicious sites mimicking this carrier grew at a more modest rate of 16 percent. The United States Postal Service (USPS) was the third-most targeted brand but experienced the most significant month-over-month growth, with fake sites increasing by 850 percent.
“Scammers are evolving at an unprecedented pace, using AI not just to automate attacks but to make them deeply convincing,” says Marijus Briedis, chief technology officer at NordVPN. “With the holiday shopping season in full swing, consumers must remain vigilant against increasingly sophisticated phishing schemes targeting delivery services.”
Briedis suggests being careful with every delivery notification. Don’t click on tracking links in texts or emails. It’s safer to enter the tracking number directly on the carrier’s official website or app. Be wary of messages that pressure you, like those saying “immediate action required,” since real carriers rarely ask for instant payments through random links.
Always check the sender’s details closely. Scammers use “spoofing” to make phone numbers or websites look real, sometimes changing just one letter or symbol in a web address to trick you. If you get a message asking for redelivery fees or personal information to “release” a package, report it right away to the carrier or the FTC instead of responding.
“Becoming a victim of an impersonated fraudulent website isn’t just about losing money or missing out on Christmas gifts for your loved ones,” said Tomas Sinicki, managing director at NordProtect. “It also exposes you to further risks of fraud and extortion. When your billing or shipping address, login credentials, or bank and payment card details are compromised, it can lead to engineering attacks and severe financial losses.”
Find out more at nordvpn.com.