Attack Spotlight: Fraudulent Shipping Notifications

Share this content in seconds -- simply copy and paste the following text into an email and send it to your end users.

Email Subject:

Attack Spotlight: Fraudulent Shipping Notifications

Email Body:


Be on the lookout for phishing emails that mimic shipping alerts from known brands like UPS, FedEx, USPS, and DHL. These messages often include familiar logos and language to fool recipients into thinking the emails are legitimate. In reality, they are designed to spread malicious software, steal money, and/or trick people into revealing their login passwords. 

Please be aware that while attacks like these happen year round, they generally increase during the holiday shopping season. Because phishing emails can closely resemble real notifications, it’s important to remain vigilant and carefully check all shipping alerts before clicking a link or downloading an attachment. 

The link below takes you to a brief (two-minute) module that helps explain the techniques cybercriminals use and how to spot and avoid fraudulent shipping notifications. 

Link to Module:

(Note: This link will take you to the website of Wombat Security, a division of Proofpoint.)

You can also read the attached PDF for more information.

Awareness Module >

Teachable Moments PDF>

*We recommend that you download the PDF and attach it to your email. If you prefer, you can also include a direct link to the PDF.

More Attack Spotlight Content

Attack Spotlight provides infosec professionals with free, actionable content designed to arm end users against the most relevant real-world phishing attacks and lures being seen in the wild.