Expand / Collapse search

Pandemic-fueled online shopping this year means more phishing scams than ever

By and David Komer online producer
Updated  December 9, 2020 9:27pm EST
Crime and Public Safety
FOX 2 Detroit

FOX 2 - This year more people than ever are skipping the mall due to COVID-19, and plan to do all of their holiday shopping online - and scammers are taking notice.

To say there's been an uptick in phishing incidents in the U.S. is an understatement - there's been a 440 percent increase from October to November. 

Phishing attacks are through the roof

This year, more people than ever are skipping the mall, and plan to do all of their holiday shopping online - and scammers are taking notice.

Brian Linder is the threat prevention expert at Check Point Software Technologies 

A phishing attack would traditionally come in as an email that looks quite innocent but with bad intentions," he said.

And the people with bad intentions are working overtime. The most significant phishing attack seen is in what's known as impersonated shipping. The largest Black Friday online in history.

"Now we are into the phase where we are getting everything shipped to us," Linder said. "So the bad actors know that and they're preying on people and saying hey, we're going to send out a bogus email from a DHL, a UPS or a FedEx. But maybe more subtly, they impersonate the Amazon brand. So we saw out of all the impersonations we saw of shipping brands, Amazon was 65 percent of the impersonations here in the US."

Here's some help in identifying the impersonators - always make sure there is a lock symbol  Next to the URL, that shows the certificate on the site is good.

Another red flag is grammatical errors. There are overseas hackers trying to fool you.

"Watch out for something that looks like it was written by someone who does not have a great command of the English language. We would never expect Amazon to send you an email that had a grammar air in it so if you see that, that's a red flag," Linder said.

 If you get a message urging you to act right away, beware - they may be trying to dupe you.  And finally, look carefully at the address of the email.  Is it the real deal? With a quick glance, you may miss something.

"Look for things like misspellings, look for grammar errors, look for the URL and domain names, usually they would be like Amazon.com. Perhaps it is shortened to Amazon. cO. Perhaps there is a misspelling in the domain name, maybe the z and the o are transposed. So you have to have your eyes open for these types of things that typically shouldn't be happening.

People are getting more distracted because we have a lot on our minds and we click anyway. So look closely.