An Online Shopper’s Nightmare.
Thanksgiving weekend is one of the most popular times to shop for gifts, and every year, more and more people turn to online shopping. Every day, if you shop online, you probably look forward to receiving the packages you ordered. From the Amazon box with the smiling arrow to the FedEx logo, the thrill of shopping is there.
Often, the shipping companies may need to notify you if there is a problem with your order. This is where the scam happens. You will get an email notifying you that the company tried to deliver your package, but there was an issue. They were unable to deliver it.
You probably get annoyed. Maybe you have to go to the post office now. Or maybe the package has been sent back. You may even feel stressed and upset if the package is time-sensitive. You only have one week before Christmas or a Birthday, and you have to have that package now!
The scammers count on this.
I almost became a victim of this scam myself. While I’m working, I receive a steady stream of emails, sometimes notifications of deliveries I am expecting, so a notification from a shipping company felt very legitimate. I opened the message and immediately heard warning bells. There was just something ‘off’ about the email.
The first warning sign was they addressed me as my email address and not my name. So they wrote “Dear Email Address.” This was just wrong. After that, I showed the email to a few of my co-workers and looked it up online. Sure enough, a scammer was targeting me.
FedEx is Aware
FedEx is actually keenly aware of this exact scam and has a warning on their website.
According to FedEx’s Website
“We have received reports of fraudulent emails with the subject line “FedEx: Delivery Problems Notification.” These emails can contain links which, when clicked, will connect the user to a site which then infects their computer.
These links can point to any number of infected websites all over the globe. Some of these sites may look like fedex.com, while others do not.
If you receive a message matching the description below, do not open the email or click on the hyperlink. Delete the email immediately or forward it to email@example.com.
FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information.”
THE ACTUAL EMAIL
Here is the actual email I received (but without my email address).
We attempted to deliver your package on November 08th, 2017, 09:45 АM.
The delivеrу аttеmрt failed bеcausе the аddress was business closed or nobоdу соuld sign fоr it.
Tо рick up thе package. Pleasе, рrint thе invoice that is аttаched to this emаil аnd visit Fedех
office indiсatеd in the receipt. If the рackаgе is not piсkеd up within 24 hours, it will be rеturnеd to the sender.
Rеceipt Number: Xn.46587218
Exрectеd Dеliverу Dаte: November 08th, 2017
Class: Internаtionаl Рaсkagе Serviсe
Servicе(s): Delivеry Cоnfirmation
Status: Nоtificаtion sent
Then there was this attachment:
That is really an odd file name. Why would FedEx need me to “рrint thе invoice” (this random Zip file), and why would it have such a strange file name?
Then there was the ‘From’ address – the email address of the person/company the email came from:
What is that?! Why would an email from FedEx come from @virgilio.it. Looks very suspicious.
Why do they do this?
Usually to infect your computer with a virus to:
- Steal your personal information for identity theft
- Take over your computer’s processing power and internet connection to spread the virus
- Shut down a computer or network of computers
- Make money, for example: ransomware
- Use it to send spam to everyone in your contacts list
- You have a ‘failure to deliver notice’ in your email in the 1st place. Most companies don’t send an email notice of any sort.
- You didn’t order anything
- Contains files to download or links you have to click on
- Has an odd ‘from’ email address
- Has spelling and grammar errors
NEVER download a file in an email unless you were expecting it, for example – from a coworker. Even then, you might verbally confirm that they are sending you something.
In this particular scam, some versions of the email will have a link you have to click on instead of a Zip file. DON’T click on the link!
Stay Safe and Don’t Download and Open Unexpected Files
Asurea offers Life Insurance, Mortgage Protection Life Insurance, Medicare Supplement Insurance, Final Expense Insurance, Disability Insurance, Long-term Care Insurance, Retirement Planning products and more. For additional information, click on the ‘Learn more’ button below. Want to have articles just like this delivered to your inbox? Just enter your email address in the box below and click ‘Subscribe.’
This information is provided for general consumer educational purposes only and is not intended to provide legal, tax or investment advice.