Better Business Bureau of Southern Arizona is warning consumers of a new string of phishing e-mails making the rounds this holiday season.
Hackers are impersonating well-known companies that do a lot of business this time of year—specifically trusted retailers and shipping companies such as FedEx, UPS, and Wal-Mart—in order to gain access to computer drives, files and accounts to steal personal and financial information.
Hackers have created phishing e-mails which pretend to be from shipping companies claiming that there is a problem with delivery of merchandise. Commonly, the e-mail will include a hyperlink for recipients to click that will take them to another Web site that might install malware or solicit personal information. A message currently making the rounds has a subject line that looks like, “Subject: Tracking Number 13040065504.” The body of the message claims that a package couldn’t be delivered and advises the recipient, “To take your package back you should print the copy of invoice that is in the added file.” The attachment is actually a virus that will infect the computer if opened.
BBB ADVICE: Instead of clicking on the link in the e-mail, go directly to the shipper’s Web site or contact the company via phone in order to confirm whether there is a shipping problem with your package. Do not open attachments or click on links in unsolicited e-mails.
Surveys Offering Holiday Spending Cash
In an effort to take advantage of cash-strapped holiday shoppers, phishing e-mails are circulating pretending to be from retailers such as Wal-Mart. One e-mail has a subject line that reads, “Online Survey from Wal-Mart Stores!!!” And the body of the message states, “This survey has been sent only to a few people from our random generator … You’ve been selected to take part in our quick and easy 9 question survey. In return we will credit $90.00 to your account – Just for your time!” Ultimately, the e-mail includes a link to a Web site where the recipient is supposed to take the survey, but in fact leads to a phishing site.
BBB ADVICE: Do not respond to unsolicited e-mails that promise money for answering surveys. Spam e-mails that offer big rewards with little effort will only cost you in the end.
E-cards are an extremely popular—and inexpensive—way to deliver season’s greetings to loved ones. Typically, with legitimate e-cards, the recipient receives an e-mail with a hyperlink that will take the user to the e-card which is housed on a Web site. Unfortunately, by design, e-cards are an extremely easy way for hackers to disguise their phishing e-mails and direct users to their Web sites which install viruses and malware.
BBB ADVICE: Phishing e-mails posing as e-cards can be difficult to spot. Spelling and grammatical mistakes are a huge red flag. Also, don’t follow the link in an e-card if you don’t recognize the name of the sender.
Consumers who receive suspicious e-mails should report them to the Internet Crime Complaint Center at www.ic3.gov.
For more information on staying safe when shopping online this holiday season, and for a host of other seasonal tips, visit www.tucson.bbb.org.