If you find our resources valuable, please support us by making a small donation. Thank you!

x

Deliveries

SCAM: Bogus delivery emails, such as fake UPS, FedEx and DHL, are one of the most effective scams targeting businesses, schools and non-profits. That is simply because we all routinely place orders and expect deliveries of various kinds. If a scam email arrives into the mailbox of an employee who is, coincidentally, waiting for a delivery, that person is highly likely to open the email and click the link. A mouse-over of any link in these bogus delivery emails reveals that they do not point to the website they claim to represent. [View the lower left corner of each graphic.] These types of scams are typically used to deliver malware to the recipient's computer, causing a computer infection.  Some of the emails offer attached files to click on or download, while others are links to websites that cause a computer infection.

WHAT TO LOOK FOR: Besides doing a mouse-over to look at the link revealed in the lower left corner of these  scams, notice that these emails typically lack any personal information that identifies the recipient besides the email address. Also, if you notice any grammatical errors or unusual phrasing in the email, you should be suspicious. English is often not the first language of these criminals.

CAUTION: We do not advise visiting the links revealed in these scam emails because it is possible that some of these websites might cause a your computer to be infected with a virus or malware.

Notice that a mouse-over of the links in most of these emails reveals that they do not lead to UPS. Example 1: “Contact UPS Express” Though this email is a poor and unsophisticated attempt, the link is very dangerous as it leads to a malware download. Example 2, 3: “Delivery confirmation: failed” & “Failed to […]

A mouse-over of the links in these examples reveals the scam. Example 1: “Unfortunately, we failed to deliver the postal package…” The link leads to “annahome.pe.kr” instead of FedEx. “.kr” is the 2-letter country code for South Korea. Several services are reporting this website as a source of malware including Scumware.org, McAfee Site Advisor and […]

Example 1: “The parcel was sent your home address” This is a poorly designed scam, including the grammar in the email. Still, people are curious enough to click the link. This link happens to be a compressed zip file. That means you have no idea what is in it until it opens, which we’re sure […]

Example 1: “Pending Delivery Alert!” This scammer wants to engage his “mark” in a conversation. Notice that there isn’t a single piece of personal information that identifies the recipient. Just delete! Example 2: “We failed to deliver the postal package” This is a poorly designed scam. This link is for an attached compressed zip file. […]

The real eFax is a legitimate and well-known fax to email service.  Each of these sample scams looks the same but each points to a different web site used by the scammers to hide their malware. When a scampaign is run, it is common for the scammers to use multiple infected web sites. That way, […]

Example 1: “We attempted to deliver your item on…” A simple mouse-over reveals that the links don’t point back to the Canadian Postal Service (CanadaPost.ca; “.ca” is the 2-letter country code for Canada.).The links actually lead to “brokerlinkmystore.ca” which is a legitimate website.However, the site was hacked   by the scammer   and used to […]

s2Member®