1. Business Ideas
  2. Business Plans
  3. Startup Basics
  4. Startup Funding
  5. Franchising
  6. Success Stories
  7. Entrepreneurs
  1. Sales & Marketing
  2. Finances
  3. Your Team
  4. Technology
  5. Social Media
  6. Security
  1. Get the Job
  2. Get Ahead
  3. Office Life
  4. Work-Life Balance
  5. Home Office
  1. Leadership
  2. Women in Business
  3. Managing
  4. Strategy
  5. Personal Growth
  1. HR Solutions
  2. Financial Solutions
  3. Marketing Solutions
  4. Security Solutions
  5. Retail Solutions
  6. SMB Solutions
Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Scammers Hijack Brands for the Holidays

Legitimate-looking notifications hide malware . / Credit: Malware image via Shutterstock

While many people choose to spread good cheer during the holiday season, online gift shoppers can also count on cybercriminals spreading malware. They hope to prey on the stresses of last-minute holiday shopping and seek to distract consumers from being cautious with their personal information online. Bogus notices masquerading as email alerts from legitimate brands are one of the top malware distribution vectors making the rounds this holiday season, a new report shows.

One scam hijacked the DHL brand to send delivery attempt notifications from what purported to be DHL Express, according to an analysis of the 10 most prevalent threat detections made during November. The research was conducted by GFI Software, a security software company.

The legitimate-looking email notifications claimed that DHL had been unable to make a delivery to the victim's address and said that they needed to go to their local DHL office to present a postal receipt and claim their package.

When users attempted to print their receipt, they were redirected to a number of websites that infected their machines with a phony antivirus "ransomware" program. The bogus programs then blocked other applications from running, caused pop-ups and redirected victims to messages designed to scare them into purchasing the fake software.

A similar malware scheme hijacked the UPS brand for a series of bogus delivery notifications.

"Cybercriminals have a large pool of potential victims at this time of year as more and more people flock to online shops to buy holiday gifts and ship them with their favorite package delivery company," said Christopher Boyd, senior threat researcher at GFI Software. "No matter how crazy the season gets, users need to remember to practice the same good habits such as double-checking the source of email messages and confirming the destination of links before clicking."

Reach BusinessNewsDaily senior writer Ned Smith at nsmith@techmedianetwork.com. Follow him on Twitter @nedbsmith.

Ned Smith

Ned was senior writer at Sweeney Vesty, an international consulting firm, and was Vice President of communications for iQuest Analytics. Before that, he has been a web editor and managed the Internet and intranet sites for Citizens Communications. He began his journalism career as a police reporter with the Roanoke (Va.) Times, and was managing editor of American Way magazine and senior editor of Us. He was a Captain in the U.S. Air Force and has a masters in journalism from the University of Arizona.

See All