Christmas Cyber Scam: Fake Delivery Email

Elisabeth Do
Elisabeth Do
calendar icon
December 25, 2023
4 min

Because more people are purchasing online during Christmas, fraudsters have more opportunities to send phony delivery emails. During the holiday season, these dishonest emails can affect people and businesses and are regarded as a threat to online buyers.

Statistics of Fake Delivery Email Scams During Christmas

  • The National Cyber Security Centre reported an increase in AI-generated scams, including fake delivery emails, making them more convincing.
  • Individuals aged 25 to 34 are identified as the most susceptible demographic to fake delivery scams during the holiday season.
  • Consumers reported losing nearly $8.8 billion to scams in 2022, with a significant portion attributed to fake delivery notifications.
  • 34% of U.S. adults tend to take more risks with online shopping closer to the holidays, making them more susceptible to fake delivery scams.

What is a Fake Delivery Email Scam?

In a fake delivery email scam, fraudsters pose as reputable delivery services or online shops in an effort to deceive victims into disclosing personal information or downloading malware. Usually, these con games operate as follows:

  • The con artist pretends there is a problem with a shipment delivery or an online order in an email or text message that they send out. The letter could advise the recipient to update their payment details or delivery preferences, among other actions.
  • A malicious link that seems to be from a reputable delivery service or merchant is present in the email or text message. By clicking on this link, the victim's device may download malware or be taken to a phony website where financial and personal information is stolen.
  • Upon opening phony invoices or shipping labels, or other attachments containing malware, some bogus delivery emails might infect the recipient's PC.

Common Tactics Used by Scammers

Scammers employ various tactics to make their fake delivery email scams appear more convincing and legitimate. Some common tactics include:

  • Scammers frequently imitate the logos, color schemes, and branding of well-known delivery services or merchants to make their emails and websites appear legitimate.
  • The email may appear to be sent by a real delivery service or retailer by spoofing the sender's email address to match the company's domain.
  • Scammers frequently employ hurried language and create a sense of urgency to force victims to act quickly without thoroughly considering the message.
  • Fake tracking numbers and delivery notices may be included in the email or SMS to give the fraud the appearance of legitimacy.
  • In some circumstances, scammers may customize the email using the victim's name or other personal details to make the message appear more real.

Why are Fake Delivery Email Scams More Frequent During Christmas?

Increase in Online Shopping

The Christmas season sees a huge increase in internet purchasing, which provides an ideal environment for scammers to exploit. Here are some important facts that demonstrate this trend:

  • 57% of U.S. consumers plan to shop online during the holiday season.
  • 86% of shoppers will holiday shop on Amazon, 60% on Walmart.com, and 47% on Target.
  • Cyber Monday 2022 was the largest retail e-commerce sales day in U.S. history, with consumers spending $11.3 billion online.
  • Consumers spent $211.7 billion online over the 2022 holiday season, an increase of 3.5% year over year.

With such a high amount of online purchases and deliveries, scammers have more possibilities to send false delivery emails, hoping to catch receivers off guard.

Holiday Rush and Distractions

The holiday season is marked by an abundance of activities and elevated emotions, making people more vulnerable to scams. Here are some elements that contribute to this vulnerability:

  • Increased Busyness: People are frequently preoccupied with Christmas preparations, shopping, and social gatherings, resulting in less inspection of emails and texts.
  • Emotional Excitement: The expectation of getting gifts and shipments can lead people to click on links or open attachments without sufficient verification.
  • Increased Amount of Emails: The flood of promotional and transactional emails over the Christmas season can make it difficult to tell the difference between legitimate and fraudulent messages.
  • Distraction: With so many activities and duties, people may not pay close attention to the specifics of each email they receive.
  • Sense of Urgency: Scammers frequently employ urgent language in their emails, which is especially effective during the holiday season when individuals are already feeling rushed.
  • Increased Online Activity: Spending more time online buying and browsing increases the risk of encountering phishing attempts.
  • Family and Social Obligations: The emphasis on family reunions and social events may draw attention away from cybersecurity procedures.
  • Financial Transactions: The increased volume of financial transactions throughout the holiday season creates more opportunity for scammers to intercept sensitive information.
  • Generosity and Giving: The atmosphere of giving over the holidays can make people more trusting and less suspicious of prospective scammers.

Identifying a Fake Delivery Email

Red Flags to Watch Out For

When trying to identify a fake delivery email, there are several red flags that can help you spot a scam:

  • Poor Language and Spelling: Scammers frequently send emails with misspelled words, grammatical flaws, and odd phrasing. Legitimate businesses usually edit their correspondence to preserve professionalism.
  • Unusual Email Addresses or Sender Names: Check the sender's email address thoroughly. Scammers frequently use email addresses that appear to be authentic but have minor differences, such as extra numbers or letters or alternative domains (for example, "rnicrosoft.com" rather than "microsoft.com").
  • Requests for Payment Information or Personal Information: Legitimate delivery services won't send emails requesting sensitive data, such as account passwords, credit card numbers, or Social Security numbers. Any email demanding such information should be avoided.
  • Suspicious Attachments and Links: Refrain from opening attachments or clicking links in unwanted emails. These could infect your device with malware or direct you to dangerous websites. Before clicking on any links, hold your cursor over the URL to see the real one. Be careful of links that go to anything other than the delivery company's official website.

Verifying Legitimate Emails

To ensure an email is legitimate, follow these steps:

  • Examine the Email Address of the Sender Thoroughly: Make sure the email address corresponds to the delivery company's official domain. Emails from UPS, for instance, should arrive from "@ups.com" rather to a general email provider like Gmail.
  • Search for Anomalies in the Email's Content: Take note of the email's overall formatting, used logos, and language. Emails that are legitimate will use formal language and consistent branding. Any differences could indicate a scam.
  • Make Direct Touch with the Delivery Business Using the Following Official Contact Details: Use the contact information provided in the email only if you are certain that the communication is legitimate. Rather, go to the delivery company's official website and check the email using the contact details provided there.

Tips to Avoid Fake Delivery Email

General Cybersecurity Practices

Keeping up with cybersecurity best practices will protect you from a variety of online dangers, such as phony email delivery frauds. The following actions are essential to take:

  • Employ Strong, Unique Passwords: Don't use the same password on several platforms; instead, come up with strong, one-of-a-kind passwords for each of your accounts. To create and safely save complicated passwords, think about utilizing a password manager.
  • Regular Security Patches and Software Updates: Update your web browsers, operating system, and other applications with the most recent security patches and upgrades. These updates frequently fix security holes that hackers might use against you.
  • Installing Trusted Malware Removal and Antivirus Software: To identify and eliminate such dangers from your devices, install and update reliable antivirus and anti-malware software on a regular basis.

Email-Specific Precautions

In addition to general cybersecurity practices, there are specific precautions you can take to avoid falling victim to fake delivery email scams:

  • Turn on Email Security Features and Spam Filters: The majority of email providers have these tools available, which can be used to spot and filter questionable emails. Turn on these functions and change the settings to the degree of security you want.
  • Don't Open Attachments or Click Links From Unidentified Sources: Emails from senders you are not acquainted with should be avoided, and you should never click links or download files unless you are positive they are authentic.
  • Check Delivery Alerts for Authenticity via Authorized Channels: Never reply to emails containing delivery notifications that seem questionable and avoid clicking on any links. To verify the authenticity of the notification, go to the delivery company's official website or get in touch with their customer care using verified contact details.