Practically everyone orders things online these days, especially during the holiday season. Cybercriminals exploit this to try to steal your personal information, money, and peace of mind. Luckily, such attempts are easy to identify and thwart if you know what to look for. Here’s how to quickly identify, neutralize, and stop them.
Text messages are the most common delivery medium, although emails are also used. They claim to be from a legitimate service like USPS or FedEx and usually inform you of a problem concerning a delivery.
They tell you that they failed to deliver a supposed package or that you need to pay an additional fee to have it shipped. They include a link to resolve the issue. This link takes you to a fake version of the service's website, where scammers steal anything you enter, like your account or payment information.
They can also try to appear more legitimate by having you call a number, where someone will take down and steal your info.
The scammers have gotten craftier recently. For example, poor English isn’t as common as it was before AI showed up. Even so, telltale signs remain that make spotting their scams easy. Your memory is your strongest weapon. Did you actually order anything? If not, the fact that you’re even getting texts about unsolicited packages should be an instant and major red flag.
But let’s say you were on a Christmas shopping spree and several packages really are on their way. An authentic text will contain a genuine tracking ID number and a link tied to it. These are easy to corroborate if you compare them to your confirmation emails.
Texts that ask for extra payment, especially if they sound urgent, should be dismissed outright, too. No delivery service is going to ask you to suddenly pay extra online. You either settle everything up front during checkout or agree to pay delivery charges upon receiving a package.
Lastly, there’s the source. Texts might come from unofficial numbers, but it’s tricky to tell since craftier crooks can spoof official ones. If you receive an email, check whether it matches the service’s official one. Pay special attention to anomalies in the address structure, like it ending with .org instead of .com or subtle name changes.
Not engaging with the message directly is the most effective means of protection. Just don’t click on the link or call any number if you’re not 100% sure the message is legit. To that end, research the service’s official communications channels and reach out directly to confirm your suspicions.
But what if the message is convincing and you’re not sure how to proceed? One option is to open the link only if you’re using a trustworthy and high speed VPN first. Major VPN providers offer tracker blocking and phishing protection. They’ll block any known malicious links and keep you safe. Plus, VPNs encrypt your connection and protect you from other dangers like unsafe public Wi-Fi and snooping.
Since you’re receiving fraudulent delivery messages in the first place, chances are that information linked to your email and other accounts is exposed. You can take control of your digital footprint by deleting inactive accounts and removing public social media posts from which someone could infer personal information about you.
That said, solely deleting social media posts or accounts doesn’t completely erase your digital footprint. Whatever you share online could’ve ended up in a data broker’s database, so you have to contact these databases to erase any PII manually. If you don’t want to deal with the hassle, you can seek professional help from the best data removal service available.
These services contact data brokers and request that they delete any personal information you wouldn't want to be out there. Doing so will help you decrease the spam calls you receive, as marketing agencies or other third parties won’t be able to purchase your contact information anymore.