Cyber scammers don’t take any time off for the holiday season. In fact, they’re working overtime to take advantage of the spirit of giving. Giving to them, that is. By now consumers know that packages left outside their homes are up for grabs by package thieves. The latest cyber scam is preying on your predictable fear that those boxes won’t arrive on your doorstep at all.
All the shipping giants: Amazon, Federal Express (FedEx), United Parcel Service (UP)S and the (United States Postal Service (USPS) are reporting email delivery scams their customers are falling victim to, especially this time of year. According to the FTC, this email scam has been around for years, but is particularly at risk during the online holiday season. Malware, ransomware, and credit card theft from these bogus emails are only part of what this epidemic is spreading.
The emails sent to those expecting package deliveries are invading inboxes everywhere. They all count on exploiting the fear that your package will not arrive because of a made-up delivery glitch. Listed below are some of the more popular email themes being used. And remember, if it looks fake it probably is.
- Courier was not able to deliver parcel xxx1234
- Please confirm your delivery shipment
- Problems delivering item xxx1234
- Please confirm shipment and delivery information to receive your package
- To get your shipment, you must open the attachment and verify your credit card details
1. FedEx and UPS want customers to know they never send unsolicited emails about package deliveries. A big shipping service company will direct you to visit their specific website directly and ask you to log into your account. From there you’ll be able to find out if that worrisome email is a scam.
2. The visual appearance of these emails looks very legitimate, including logos and graphics styles. Be assured, they are fake. Also look for misspellings and bad grammar. Cyber thieves may know how to use a keyboard for theft, but often not for spelling.
3. Never click on a link before verifying the address. Hover over the link to see where it’s really taking you, including checking for accurate spelling. Best not to click an unknown or shady address at all. Type the URL yourself directly into the browser so you’re positive where you’re going, and double check if it’s spelled correctly. Also look for the lock icon in the address bar, and always start a URL with https://.