Newly Identified Phishing Attack Targeting Small Businesses

July 20, 2017


Public warned of advanced, new phishing emails disguised as package trackers 

(July 19, 2017) – A new type of phishing scheme targeting small businesses was disclosed by internet security company Comodo in a special update from their Threat Intelligence Lab. The phishing emails were distributed on July 6 to over three thousand businesses with the subject line “Shipping Information.” The email text referenced an upcoming delivery being tracked by United Parcel Service (UPS), and included a seemingly legitimate package tracking link. However, if clicked, the “bait” link deploys malware which could unleash a virus, delete data, send spam and even disguise itself from detection.

Even to the cautious reader, the phishing email pictured below readily resembles real package tracking emails sent by well-known services: 


Upon investigation, Comodo identified that 585 different IP addresses originating from all over the world had dispersed the emails within 7 hours, demonstrating an alarming advancement in this category of cybercrime. In fact, Forbes has reported that the cost of cybercrime may reach over $2 trillion by 2019. Don’t let your business be part of this prediction!

Report to Prevent:

Please report any sort of phishing email or other cyber threat to BBB’s Scam Tracker so that we can continue to research and arm you with information on hazardous trends, and provide helpful tips for avoiding them.


Cybersecurity Resources:

BBB also has a resource page dedicated to cybersecurity resources for businesses and home. Training, scam alerts and information on developing technology are all available for download.