As Black Friday approaches, eager deal-seekers in the UK are keeping an eye on dropping prices, while scammers are focusing on a different target. With a surge in package deliveries expected, cybercriminals are taking advantage of the situation to perpetrate scams directly to people’s homes.
Recent reports have highlighted a significant rise in “quishing,” a tactic where criminals embed phishing attacks within QR codes. This method is now being combined with a revived brushing scam and is becoming more aggressive in anticipation of Black Friday deals.
Technology expert Theodore Ullrich from Tomorrow Lab has observed an escalation in these scams as consumers eagerly await their deliveries. He points out that the moment a recipient receives an unexpected parcel with their name correctly printed on it, there is a tendency to trust its legitimacy, which fraudsters exploit by luring victims to scan QR codes leading to phishing pages.
Ullrich emphasizes how easily individuals can fall victim to these scams by mistaking QR codes on packages as related to tracking or returns. Scanning such codes can quickly lead to a fake website designed to extract personal and financial information without the victim’s knowledge.
The expert notes that scammers are becoming more sophisticated in leveraging personal information available online to make fraudulent parcels appear authentic. This tactic, a modern twist on traditional brushing scams, now aims at obtaining sensitive data and financial details from unsuspecting victims.
As Black Friday approaches, Ullrich warns that scammers use the frenzy of the shopping event to disguise their malicious activities, with an uptick expected in these incidents. He advises recipients of unexpected parcels to contact the company through official channels rather than using any contact information provided on the package, as scammers often control such details.
In light of these evolving scams, Ullrich stresses the importance of vigilance and caution. Recipients are urged to treat every QR code with suspicion, refrain from scanning unknown codes, and be proactive in safeguarding their personal information by updating passwords and enabling additional security measures.
Staying alert and taking time to verify unexpected deliveries are crucial steps in preventing falling victim to these scams. Ullrich emphasizes the need to remain cautious, especially during high-traffic shopping periods, and to prioritize security over haste when dealing with unsolicited packages or QR codes.