With Cyber Monday, the “official” start of the online holiday shopping frenzy now just a fond memory, online shoppers should remember to be vigilant about any email messages they receive relative to their shopping extravaganza..
Pretty much everyone is in a hurry to get their online holiday shopping done and shipped. During the next few days and weeks you may see what appears to be an email from UPS saying “package not delivered,” and please click on a link to get the issue resolved. Don’t just blindly follow these instructions. Chances are the email is a fake, intended to infect your computer with a virus..
The scam is designed to prey on online shoppers who are worried about the timely delivery of their purchases. The emails look and feel like they are coming from legitimate shipping outlets such as UPS but in fact, the emails either have virus infected zip files attached to them or they direct recipients to infected sites through the clickable links embedded in the HTML content..
In the email screen capture shown, there’s one big clue in the message that indicates it’s a fake: “We were not able to delivery the post package“ reads the “mish-mashed” sentence in the message..
There have been a number of variants in this campaign (some with attachments, some with no attachments and bad links), all of them personalized to the recipient, and sent from an ever-changing list of fake UPS employees or the generic ‘UPS Customer Services.’.
UPS itself is quite aware of scammers using its corporate name to spread malware or take advantage of unsuspecting users who might be willing to hand over credit card or other information to cyber criminals. The company recognizes it as a “continuing global issue,” and has a Web page devoted to fraud protection that’s definitely worth checking out if you ship or receive packages using the service..
The company “may send official notification messages,” a UPS spokesperson has said, but there are — and this is important — “rarely attachments.”.
If you get such an email, you can forward it directly to UPS at: fraud@ups.com..
“You should not open attachments and should delete the email after forwarding,” UPS advises. The company continues to work with local and national authorities as well as participate in a cyberspace fraud task force. It’s a continuing challenge..
.
No matter how eager shoppers are for their shiny new purchases to arrive, they should take the time to check the original shipping confirmation that comes directly from the online vendor where the purchase was made. In addition, rather than clicking on embedded links in an email, shoppers should go directly to the shipping site and plug in the tracking number.