Hackers posing as couriers, boom in email scams

Bitdefender Antispam Lab found an increase of email on phishing, therefore false and dangerous, which exploit the names of reliable shipping companies - like DHL, TNT, FedEx and UPS - to steal personal data and infect recipient users' devices.

Phishing emails, hackers exploit the names of the most trusted couriers

According to research by Bitdefender Antispam Lab there has been an increase in 30%, compared to the Christmas period, of phishing emails by hackers who hide behind reputable names such as the most well-known couriers. The goal is have recipients download dangerous files, or have them click on infected links which can lead to the theft of personal information or the download of malware that infects your device.




Hackers are used to imitating known senders, in this case the most well-known shipping services, such as DHL, TNT, FedEx and UPS, by sending fake shipping notification emails. The analysis of email traffic conducted by Bitdefender Antispam Lab highlighted how on January 18, 61% of all inbound mail that appeared to come from DHL was marked as spam. Overall, nearly 30% of all spam received related to the delivery service turned out to be a phishing attempt or had malicious attachments.

The emails appear to be reliable, as they include real company logos, (fake) tracking numbers or invoices which add credibility to the whole thing. Furthermore various tricks are used to force the user to access the attachment, such as an incorrect delivery address, security rules regarding COVID-19 or others. They then aim to stimulate the recipient's curiosity, so that he or she opens the malicious attachment or clicks the infected link.


In addition to ransomware, which locks the device until a certain ransom amount is paid, attachments can also include Remote Access Trojan. Once executed, they allow hackers to control the user's system, steal their credentials or distribute other forms of malware to infected devices.



The most common phishing emails related to shipping services

DHL is one of the most used couriers by cybercriminals. Bitdefender Antispam Lab has in fact discovered three versions of phishing emails, in which it seems that the sender is DHL.

Hackers posing as couriers, boom in email scams

The bogus emails from hackers pretending to be FedEx instead, they contain short and simple messages. In this way, the recipient is prompted to open the attachments for more information. In the example we can see how a fake FedEx representative invites the recipient to go to the local office where the package is located, bringing the print of the waybill attached.

Hackers posing as couriers, boom in email scams

Also UPS e TNT have been targeted, with emails having the subject “Shipment Arrival Notification Consignment”, that contain links and attachments that, when opened, infect devices with malware and Trojans capable of stealing user credentials. Other emails may refer to a specific shipment, providing the customer with a fake tracking number.

Hackers posing as couriers, boom in email scams

How to protect yourself from courier-related email scams?

To protect themselves from phishing attacks, users can follow a few simple rules:

  • Be wary of unexpected messages which come from transport service companies.
  • Check the sender's address to check if the domain addresses are even minimally altered. You will need to check what is placed after the "@" of the sender's email address.
  • Never give out personal information or make payments through online forms or links received from unreliable or unknown senders.
  • Never click on the links provided in the email, but visit the transport company's page directly and look for the official contact information to inquire about correspondence or delivery details.
  • Check for spelling and grammar errors even if the email looks legitimate.
  • Install a security solution on your device to safeguard your private data from online threats.
Hackers posing as couriers, boom in email scams Bitdefender Antivirus plus 2021 | 1 device | 1 year | ...
  • Regardless of the version indicated on the product (2018, 2019, etc.), don't worry: YOU AUTOMATICALLY HAVE A ...
  • NEW: Microphone control - find out when apps are accessing it, Anti-tracker - Keep browsing data private, ...
  • IMPROVED: Secure Online Banking - A unique and dedicated browser that protects your transactions; Advanced Threat ...
12,99 EUR Buy on Amazon
READ ALSO: Telegram and hackers: even the main rival of WhatsApp would have security problems
TagsBitdefender corrieri email phishing Hackers posing as couriers, boom in email scams
add a comment of Hackers posing as couriers, boom in email scams
Comment sent successfully! We will review it in the next few hours.