Pay attention to the courier invoice that comes in the mail

With online trading, many logistics operations have been simplified. An identity case is documentation. DDT (i.e. transport documents) and invoice expected by email.

New scams involving couriers and companies are running via email. One of them is BRT, where fake emails come from demanding unnecessary payments.

Pay attention to the courier invoice that comes in the mail, as it may be “phishing” as we see in this guide.

Fake Courier Invoice by Email: What is it?

We have sold a product online and will assume that we have selected the shipping method by courier. Undoubtedly this is a very functional practice, but it is one that can lead to a “cyber crime”. Why?

A few days later, a communication came from the courier. This is an email that looks like a payment reminder, but it hides the malware to steal important data. That’s why you should pay attention to the courier invoice that comes in the mail.

It looks very reliable, complete with logo and message. Many buy and sell online, and since couriers (including BRT) always send emails, distraction can play a bad joke. In fact, it may be tempting to open communications and click on the indicated links. There is nothing more dangerous than this!

Another way to cheat is to have an invoice attached instead of a link. In this second case it will be downloaded as an excel file or .xlsm file and opened on your computer.

How to protect yourself from this new attack?

Of course, you can protect yourself from this scam just like everyone else running on the internet.

First and foremost, you should be wary of emails with access keys to a site or links asking for personal information. Why click the email link when you can safely go to the sender’s website and sign in from there?

Another way to find a suspicious link is to check the sender’s letterurl Is in the email. To do this, move the mouse pointer over the link (without clicking) and read the target URL on the screen. Links url to email sender’s site? If the answer is positive, this is a good sign.

Finally, the target connection should always start with “https” (not “http”) because it indicates a secure connection.