News

Phishing Scams Spike As Holiday Season 2021 Approaches

Richard Marley
November 23, 2021
2 minutes read
1793

64% of the top courier companies have insufficient protection against phishing scams and other frauds, which makes them a hot target for scammers in the upcoming holiday season.

Delivery companies in the UK are reportedly unsafe when it comes to fraud, spoofing, and phishing. This is evident from the rise in phishing attacks ahead of Black Friday. The reason is said to be unprotected email domains of the top delivery companies.

2021 is expected to be a lot worse than 2020 in terms of phishing scams, as fraudsters are able to manipulate the email addresses of 64 percent (two-thirds) of the top delivery companies in the UK. Poor security protocols are indicated by reports in the majority of global couriers, where only 20% have incorporated authentication and reporting measures.

Although phishing scams are not new, 33 percent of the UK’s customers have reported instances where they received phishing emails. This number is expected to further increase in the upcoming holiday season.

During the last year’s holiday season, 90,000 phishing attacks were reported, which indicates the rise in crimes as the number of online deliveries increases. As a result, delivery companies and customers are being warned to watch out for suspicious signs in phishing emails.

According to TechRadar, every email and message should be verified by the recipient while keeping an eye out for typos, spelling errors, and other possible red flags. Moreover, the sender’s identity must also be verified by matching their names and addresses.

Customers that use mobile devices for emails are especially cautioned against phishing scams. Cybercriminals are reported to spoof a company name and take advantage of customers’ negligence to look at the email address.

Courier companies and delivery platforms have several open communication channels, making them prone to fraud. Customers are encouraged to directly approach the delivery company for the purpose of due diligence in order to avoid becoming victims of phishing scams.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
US Rated as The Most Secretive Financial Jurisdiction in the World
The US has been ranked the most secretive financial jurisdiction in the world due to deterioration prior to Financial Secrecy Indices (FSI), as per lax rules in US anti-money laundering (AML) and tax laws.

As per the Finacial Secrecy Index (FSI) 2022, the United States has been classified as the most secretive financial jurisdiction in the world. Due to the unaddressed loopholes and flexible rules in US tax and anti-money laundering (AML) laws, the US ranking is worsening prior to Financial Secrecy Indicies.

Ian Gary, Executive Director of the FACT Coalition stated “These findings point accusations towards US secrecy and should be a rallying cry for monetary clarity” While talking about the Biden Administration, he further said “The Biden Administration is continuously working for the making a number of anti-corruption reform for implying effective penalties. Now it is the responsibility of the Administration and the Congress to execute and fund them”.

Identified as the second most financial jurisdiction in the world in 2020 by FSI, Congress issued a Corporate Transparency Act (CTA). The CTA will put restrictions by requiring corporations and similar entities to register their authentic beneficial owners to a central directory maintained by the Financial Crimes Enforcement Network (FinCEN) at the Treasury Department.

The expected rule was to be enforced on January 1, 2022, but only one of the three proposed rulemaking has been implemented till now due to the funding and capacity constraints of FinCEN.

“To fight corruption, we need to execute the CTA Act and for that purpose, we need to generate funding for FinCEN now” as made evident by Congresswoman Carolyn B. Maloney, the co-author of the CTA.

The US treasury is devoted to only finalising rules executing the CTA Act by 2024, as made clear in the “National Strategy for Combating Terrorist and Other Illicit Financing” report on Friday. These structural reforms will authorise law enforcement and national security officials to refrain from the sanctions “whack-a-mole” in favour to comprehend the nature of US entity ownership and tackle large-scale sanctions evasion.

The 2022 International Anti-Corruption Conference to be held in Washington, D.C. later this year has been called in for the final implementation of the CTA Act, whose delays have been warned by the FACT Coalition.

Suggested Read: US DOJ Stresses Disclosure of Beneficial Ownership Information to Curb Illicit Finance

Recent Posts

Blog
California Privacy Rights Act - What Businesses Must Do to Comply
The California Privacy Rights Act (CPRA), also known as Proposition 24, was approved on November 3rd, 2020 and amended the existing California law, the Consumer Privacy Act (CCPA) from June 28th, 2018. January 2023 will see new amendments to the data privacy regulations of California and will require businesses to make the necessary changes to stay compliant.

The new regulations not only apply to businesses operating in California but also to those operating outside it and promoting their services in the state. This makes the new amendments quite important, as California is a leading economy that hosts the largest total population of a US state.

Businesses that Need to Oblige

Both the CPRA and CCPA are applicable to businesses based in California and offer services from outside its borders. The conditions for businesses to fall under the new regulations are as follows:

California Consumer Privacy Act (CCPA)

The CCPA applies to businesses that generate annual gross revenue of over $25 million, or deal in buying or selling personal data of over 50,000 individuals, households, or devices for commercial purposes. Another condition is that the business sells customers’ personal information for more than half of its annual revenue.

California Privacy Rights Act (CPRA)

The CPRA applies to businesses that generate annual revenue of over $25 million and deal in the sale or purchase of personal information of more than 100,000 individuals or households. The other condition is that the business takes more than half of its earnings from selling or transferring the personal information of its customers.

As per the new regulations, there is a broad scope of the terms “selling” and “sharing” of personal information, which implies that businesses need to pay close attention to know what they must do. The regulations define selling as: “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration”.

Whereas, sharing is defined as: “sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged”.

New Types of Businesses Under the Updated Regulations

The amendments to the CPRA have brought new types of businesses under the scope of the regulations. For instance, joint ventures and partnerships that provide every business with at least 40% interest fall under the same criteria. Similarly, a business that voluntarily decides to certify to the regulation will also be obliged to comply. Moreover, the CPRA also applies to those businesses that share common branding with an already regulated business. As per the amendments, common branding is defined as a “shared name, service mark, or trademark that the average consumer would understand that two or more entities are commonly owned”.

Parties that Fall Under the Regulations

As per the CCPA and the CPRA, the sending and sharing of personal information involve three major parties, which are contractors, service providers, and third parties. A contractor is defined as a “person to whom the business makes available a consumer’s personal information for a business purpose, pursuant to a written contract”. A service provider is defined as “a legal entity organized for profit that processes personal information on behalf of a business.” Just like a contractor, service providers get information from businesses “for a business purpose, pursuant to a written contract”. Third parties are defined as entities that do not fall under the category of contractors or service providers but are counterparts to whom businesses “sell or share” personal information.

The sharing of personal information with contractors and service providers is overseen by a written contract, which states the rules for the transfer of personal data and imposes a ban on its resale. However, there is a different system for transferring personal information to third parties, which considers the customers’ rights to their information.

What are Consumer Rights Under the Regulations?

The CCPA and the CPRA state that personal information includes anything that a business collects related to its customers. This means that personal information is not limited to names, dates of birth, and locations. It also includes IP addresses, behavioral patterns, web search history, and even cookies. The businesses that fall under these regulations are required to offer California’s people the measures to fully utilise their privacy rights. These include the right to know which information is collected, its source, and the purpose for which it is required. Consumers also have the right to know with who their personal information is shared, and to whom it is sold. They also have the right to reject “selling or sharing” their personal information.

Customers of any business can access their previously provided personal information and get it deleted/amended at any time. Furthermore, the regulation also mentions that businesses cannot refuse or change the quality of their services in case a customer utilises any of the above-mentioned rights.

Depending on the type of violation, businesses can face different amounts of civil penalties under the regulation. In case of an intentional violation, the business will be fined $7,500 per violation. Whereas in the case of accidental violation, the business will be fined $2,500 per violation. However, penalties are only effective when businesses fail to rectify a violation within a period of 30 days. In case an individual sues the business, the regulatory fines vary depending on the personal information used or breached. If personal information is not harmed in a data breach, the customer can take between $100 and $750 for each instance. If the personal information is affected, the customer can take more than $750. Although the actual amendment will not be effective until January 1st, 2023, it will be applicable to the personal information collected from January 1st, 2022.

What Shufti Pro Offers

For businesses that fall under the CPRA and CCPA, it’s important to understand the importance of complying with the new regulations. In order to comply, they need to protect the personal information of their customers. Although it is a challenge to manage compliance costs, businesses with stringent identity verification measures can steer clear of regulatory fines.

Shufti Pro’s robust identity verification solution allows your business to avoid the hassle of a manual verification system and saves it from regulatory fines. The system deploys thousands of AI models to verify identities in less than a second with an accuracy of 98.67%.

Want to know more about this solution? Get in touch with our experts!

Talk to us

Phishing Scams Spike As Holiday Season 2021 Approaches

Businesses that Need to Oblige

California Consumer Privacy Act (CCPA)

California Privacy Rights Act (CPRA)

New Types of Businesses Under the Updated Regulations

Parties that Fall Under the Regulations

What are Consumer Rights Under the Regulations?

What Shufti Pro Offers

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.