Fraudulent Shipping Notifications Awareness Training | Attack Spotlight | Proofpoint

Access Free Content

Attack Spotlight provides infosec professionals with free, actionable content designed to arm end users against the most relevant real-world phishing attacks and lures being seen in the wild.

Trending Threat: Fraudulent Shipping Notifications

The Proofpoint global intelligence platform analyzes more than billions of data points a day to deliver unmatched visibility into attack patterns and methods. Our monitoring has revealed that attackers are already increasing their use of fraudulent shipping notifications ahead of the holiday season. We blocked tens of thousands of these phishing attempts throughout the month of September and into October—and attackers’ efforts are only going to escalate in November and December. 

These malicious shipping alerts—which mimic messages from familiar operators like UPS, FedEx, DHL, and USPS—are being seen across a variety of industries, including: 

  • Manufacturing
  • Technology
  • Healthcare
  • Retail
  • Construction 

Many fraudulent notifications are being used to spread various types of malware. However, attacks of this nature can also be used to compromise account credentials and steal money from unsuspecting email recipients. 

What Can I Do?

Raise Awareness and Assess Vulnerability 

Because organizations and consumers frequently receive valid shipping alerts, it can be difficult for end-users to spot malicious messages that imitate well-known brands. Use our free resources to alert your employees to these types of attacks now, ahead of the busy holiday shopping (and shipping) season.  

The tips we provide in our Attack Spotlight awareness materials will help users be more vigilant about the notifications they receive. In addition, ThreatSim® customers will find a number of shipping-related phishing tests in our template library. These customizable simulated attacks can be used to assess users’ susceptibility to fraudulent shipping alerts.