14 DAY TRIAL // As soon as Apple announced the availability of the new iPhone 5, many people rushed to order the new gadget to make sure they would be among the first to own one. Experts warn that the anxiety caused by having to wait for a delivery notification might be leveraged by cybercriminals.
Most Apple fans will receive their brand new iPhone 5 via UPS or FedEx. This may increase the success of malicious spam campaigns that rely on phony delivery notifications.
So, when receiving an email from UPS Customer Services which says that “the recipient’s address is wrong” and the package couldn’t be delivered, many would probably jump to conclude that it’s their new phone, and rush to open the attached invoice to see what the problem is.
However, as Websense researchers note, the so-called invoice may have nothing to do with the legitimate order. Instead, it may be an HTML file which points internauts to a malware-serving Russian website.
Judging by the site’s content, experts determined that this particular campaign’s main goal is to gain access to bank accounts by relying on the BlackHole exploit kit.
Over 45,000 such emails have been intercepted by Websense alone, which means that spammers might have stepped up their game, knowing that millions of users are anxiously waiting for their iPhone 5.
FedEx and UPS scams are not new, but when someone is really expecting a package, the chances that they'll open the malicious attachment, or click on the shady links increase.
During the launch of an Apple product, a higher number of people are expecting to receive something via mail and cybercriminals are aware of this.
We advise everyone to be extra cautious during this period. Take a close look at an email before following the instructions it contains.