QCOSTARICA — Lately my email inbox is full of messages about a supposed package. These emails come from supposedly reputable companies such as DHL and the Costa Rica post office (Correos de Costa Rica), ok, that one is questionable in itself.
Be very careful to follow through on the request to confirm your package. This is a new method of credit card cloning taking place in Costa Rica and Latin America, where cybercriminals are using fake messages, emails, and text messages (SMS) to trick people into notifying them that a supposed package is waiting for them.
The message contains a link that appears to lead to a legitimate page of a well-known shipping company. However, this page is a fraudulent imitation and asks victims to make a payment to receive the package.
– Advertisement –
The real objective of this scam is to obtain people’s banking information. Users who enter their data on this fake page provide cybercriminals with the information necessary to clone their credit cards.
The messages with malicious links are sent from local numbers, or as stated earlier, emails from recognized companies in package deliveries, thus the criminals manage to trick many victims.
In addition, Kaspersky (a multinational cybersecurity and anti-virus provider) researchers have identified more than 50 domains linked to this fraud campaign, and the company has already managed to block them in its security solutions.
“Cybercriminals have taken advantage of the increase in online shopping to implement one of their most effective tactics: phishing scams. They use fake messages with malicious links to make people believe that there is a problem with the delivery of their items. In reality, their goal is to steal personal data, banking information or even money,” said Fabio Assolini, director of the Global Research and Analysis Team, Latin America, at Kaspersky.
Avoid scams
1. Check any suspicious notifications about delivery problems. If you receive a message alerting you about a problem with the delivery of a purchase, check directly with the establishment through its official channels. If you suspect the notification is fake, contact the courier service using official phone numbers or log into your account on the platform to confirm if there really is a problem. Always remember to track your purchases from the service’s official website.
2. Carefully examine the sender of the message. If you receive a message from an unknown or unverified phone number, or from an email address that uses a free service like Gmail or Hotmail, be wary. If the number doesn’t match the area code of your city or country, or if the sender’s address contains strange characters, it’s likely a scam attempt.
– Advertisement –
3. Pay attention to the quality of the text. Trustworthy companies don’t usually send messages with grammatical or wording errors. Although a message with perfect language doesn’t guarantee its authenticity, if you spot obvious errors, it’s very likely spam.
4. Don’t fall for unexpected messages. If you receive a notification of a failed delivery of a package you didn’t order, don’t panic or let curiosity get the better of you. Block the number and report it as spam from your device.
5. Protect your data with reliable security solutions. Use security tools like Kaspersky Premium, which blocks phishing websites and protects your personal and financial data from potential threats.
Following are two examples of the majority of my emails this week, the first from, supposedly, Correos Costa Rica and the second from DHL. Note the emails are from and who it is being send to (the Correos to specific emails the DHL to undisclosed-recipients).
– Advertisement –
1. The Correos email
Alerta de Paquete Pendiente: Acción Requerida
Estimado/a Cliente,
Tenemos un paquete pendiente de entrega para usted. Actualmente, está detenido en tránsito y requiere su atención. Por favor, rastree su paquete y proporcione las instrucciones necesarias para asegurarse de que lo reciba sin más demoras.
Puede rastrear su paquete haciendo clic en el botón de abajo o visitando nuestro sitio web.
Rastrear Su Paquete ** this is the phishing link **
Si necesita asistencia o tiene alguna pregunta, no dude en contactarnos a soporte@correosdecostarica.go.cr.
Gracias por su pronta atención a este asunto.
Atentamente,
El Equipo de Costa Rica Post
From: Correos de Costa Rica
2. The DHL email
Un envío de DHL Express ha sido creado por Julio Argaiz. Imprima la documentación de envío adjunta y adjúntela a su envío.
Consulte el adjunto para la recolección de mañana a las 3 p. m.
Número de confirmación de recogida
PRG211001715504
Peso total de la recogida: 2.0 kg
Important
• Do not seal your shipment as the courier must inspect the contents.
• You or a representative must be present when the courier arrives. Shipments cannot be left outside or in “safe” places for the courier to pickup.
• Affix one copy of the label securely to each package and give the other to the courier, along with any other shipping documents.
• Ensure your packages are packed and labeled correctly to avoid damage or delays. Follow DHL’s Packaging Advice
• If you need to cancel or change your pickup, please contact Customer Service at: 6808555
Please do not reply to this email – inbox is not monitored. * this is the phishing link **
From: Julio Argaiz (DHL Express)
** I suggest you do the same, to the “delete” folder. Never click on the links in the email. Don’t let your curiosity get the better of you. Even if you don’t fill in the information on the website you linked to, your information and computer security are at risk. **
– Advertisement –
Source link
Rico
