Grocery delivery services have been quite popular during the COVID-19 pandemic. These services help support social distancing, reduce the number of shoppers in each store, and allow at-risk patrons to safely buy essential items. Unfortunately, the popularity of these delivery services has caught the attention of cybercriminals. The bad guys are now spoofing supermarkets that offer delivery services in hopes of stealing your personal information. It starts with a phishing email that urges you to log in to your supermarket’s website using the link provided. Clicking the link takes you to a fake login page for your local supermarket. The page asks you to select your email provider (Gmail, Apple, and so on) and then log in to connect your account. Don’t be fooled! Connecting your account actually delivers your email credentials to the bad guys.

Remember the following tips:

  • Never click on a link within an email that you weren’t expecting.
  • Remember that email addresses can be spoofed. Even if the email appears to be from a familiar organization, it could be a phishing attempt.
  • When an email asks you to log in to an account or online service, log in to your account through your browser-not by clicking the link in the email. That way, you can ensure you’re logging into the real website and not a phony look-alike.

Stop, Look, and Think. Don't be fooled.