The COVID-19 pandemic continues to impact supply chains for countless industries around the world. Cybercriminals often use wide-reaching problems like shipping delays to their advantage. In a recent scam, cybercriminals use the possibility of a delayed or missed shipment as phish bait. The scam starts with an email that appears to come from a reputable shipping company. The email urges you to click on a link to download an important shipping confirmation document. If you click the link, you’ll be taken to a login webpage that asks for your email and password. Unfortunately, the email was actually sent by cybercriminals and the link leads to a well-designed phishing webpage. Any information that you enter on the webpage will be sent straight to the cybercriminals. To stay safe from similar scams, remember the following tips:

  • Watch out for a sense of urgency. These types of scams rely on impulsive actions, so always think before you click.
  • Never click on a link or download an attachment in an email that you were not expecting.
  • If you are expecting a shipment and receive a related email, confirm that the email is legitimate before clicking any links in the email. Look for details such as the order number, the purchase date, and the payment method.