Grocery delivery services have been a popular choice among shoppers during the COVID-19 pandemic, as they help to support social distancing, reduce the number of people in stores, and mean higher risk customers can safely buy essential items.
Due to this popularity, some of these services have caught the attention of cybercriminals. Scammers are now pretending to be supermarkets that offer delivery services in hopes of stealing your personal information.
It starts with a “phishing” email that urges you to log in to your supermarket’s website using a link that is provided. Clicking on the link takes you to a fake login page for your local supermarket. The page asks you to select your email provider (Gmail, Apple iCloud, Microsoft Outlook, and so on) and then log in to connect your account. Don’t be fooled! Connecting your account actually gives your email address and password to the scammers.
Remember the following tips:
- Never click on a link in an email that you weren’t expecting.
- Remember that email addresses can be faked. Even if the email appears to be from a familiar organization, it could be a “phishing” attempt.
- When an email asks you to log in to an account or online service, log in to your account through your browser — not by clicking the link in the email. That way, you can ensure you’re logging into the real website and not a phony look-alike.