In 2008, and again last year around the holiday season, we saw a lot of emails purporting to be from the "United Postal Service" with an attached file claiming to be the tracking or delivery confirmation information for your shipment. They were fake, and they're back.
As reported on the Cyberjungle Podcast and Webroot's Blog, these fake shipping confirmation documents are nothing more than malware designed to hijack your computer. A few years ago, these emails were very easy to spot because of their typos and obvious content problems. Have you ever heard of the "United Postal Service?" Neither have I. However, they seem to be refining the content using real company names now, e.g., FedEx, DHL, and the United Parcel (as opposed to Postal) Service.
Bear in mind the following:
- Do not open attachments in email unless you are explicitly expecting them. This does not mean "sometimes they send me something so I open it." It means "John P. is sending me the spreadsheet right now, so I will open it."
- Do not click links in emails. Links in emails are trivial to forge. See one of our first posts on the subject for an explanation.
- These companies do not email attachments with your shipping confirmations. They may send you a tracking number. If this is the case, and you receive a tracking number, do the following:
- Copy the tracking number out of the email
- Open a web browser and manually type in the website address of the shipping company, e.g., www.UPS.com, www.DHL.com, www.FedEx.com.
- Find the box to track your shipment and paste the tracking number into the box.