Home delivery scams, where the crooks falsely apologise to you for not delivering your latest parcel, have been around for years.
However, as we have unfortunately needed to say many times on Naked Security, these scams seem to have become steadily more professional-looking during the pandemic, as more and more people have got into the habit of ordering deliveries for everyday shopping instead of heading into stores.
For example, here’s a contemporary SMS-based scam (phishing that is kicked off by a text message, or SMS, is wryly known as smishing) that makes a good “picture story” of how these cybercrimes unfold.
In this criminal campaign, the scammers were targeting a home delivery company in the UK called Evri.
Unfortunately, and perhaps entirely deliberately on the part of the criminals, “Evri” is a recent UK-specific rebrand of the German company “Hermes”, so that UK customers may very well still be getting used to the new look and feel of the rebranded website, and to the new domain name.
Officially, the company’s web presence is at evri.com, so these crooks have grabbed a domain of the form evri-xxxxxxx.com to make things seem believable:
By the way, the domain used in this attack was first registered just yesterday, probably for use in this scam only, and at the time of writing, the content was served up by a hosting company based in Moscow, Russia.
Hosting companies typically provide ready-to-go web server templates, complete with HTTPS…
