Scammers are becoming increasingly clever in their attempts to deceive us, and it's likely that you've received a fraudulent message, perhaps without even realizing it.

For instance, last week, we received a text message scam purporting to be from UPS about a missed parcel delivery. Since many of us rely on parcel deliveries and receive text message alerts about them, this message may not have seemed unusual at first glance. See the text below:

However, several warning signs in this message suggest that it's a scam:

🚩 The sending address is not one UPS currently or has previously used to send customer communications.

🚩 The message employs scare tactics, threatening that the package will be returned to the sender or that you'll have to pay shipping fees.

🚩 The link in the message, the one the scammer wants you to click, is not a UPS URL.

🚩 The message's poor grammar and syntax may raise suspicions. It appears to indicate a failed delivery attempt, but the language becomes confusing when it suggests that both the first and second attempts were unsuccessful and that a third attempt will require a new shipping fee.

If you receive a similar message and are unsure about its legitimacy, avoid clicking any links or responding to it. Instead, reach out to the company directly using a verified phone number, email address, or other official support channel. You can find legitimate contact information for most businesses by visiting their website.

It's crucial to be aware of the risks associated with personal phishing attempts like the one mentioned above, not just for your own security but also for your employer's data security program. Cybercriminals often use these tactics to gain access to sensitive information or networks. By clicking on links or responding to messages from unknown sources, you may inadvertently provide cybercriminals with access to your organization's systems, allowing them to steal confidential data, install malware, or launch other cyberattacks. Therefore, it's essential to follow best practices for identifying and reporting suspicious messages and to stay vigilant against any potential phishing attempts.

----

Want to subscribe your team to weekly posts like this in Slack? Check out Heakka Streams. All Streams are 100% customizable by admins before they are sent to your team.