The Package Delivery Scam

Rob here.

I know this is a very busy weekend for a lot of you as you finish up holiday shopping and get ready to travel or welcome guests. In fact, many of you may already be on the road or already have guests in the house.

So, I’ll be very brief while warning you about a scam I want to be sure you avoid.

The most effective scam this month is the Package Delivery Scam.

It’s effective for the precise reason I’m being brief – because everyone is busy and when we’re busy we’re far more likely to click on a link in an email that we’d normally realize is a phishing and/or malware-laden email scam.

As you know, phishing email are email that request confidential information under false pretenses in order to fraudulently obtain credit card numbers, passwords, or other personal data. Additonally, phishing email may hook you into opening an attachment or clicking on a link that will download a virus or malware onto your computer or other Internet-connected device.

Here’s how the current and most prevalent Package Delivery Scam works (but remember, there are many variations of this scam).

You receive a “delivery failure notification” email that looks like it’s from the U.S. Postal Service (or FedEx or UPS or any other delivery company). The email says you missed a delivery. But, it says, if you print the attached form and take it to your local post office (or other delivery company), you can pick up your package and avoid penalties. Often, the email includes a link for more details.

Of course, the email is a scam and there is no package. But, if you open or download the attachment or click on any link in the email, you’re likely to end up with a virus or malware on your device. Or if you provide personal and/or financial data in response to the email, you’ll become a victim of identity theft and financial fraud.

OK. I know this might be fairly basic for most of us. But, you’d be amazed how many times even the most careful and scam-aware computer users click on the link in an email before pausing to think about whether the email might be a malware-laden phish.

I can tell you I’ve received many calls over the years from clients and friends that begin with, “Rob, I know better, but I clicked on the link in an email and…”

So here’s my motto: Think before you link!!

OK – you get the picture. I promised I’d be brief, but I just want to be sure that you don’t fall for the Package Delivery Scam this week – when more packages will be delivered than most any other week of the year!

If you have any thoughts, comments or questions – email me at[email protected] and be sure to share this advisory with your family and friends.

Otherwise, have a wonderful holiday week and…

Be safe, secure and free!!!

Rob Douglas – Former Washington DC Private Detective & Certified Identity Theft Risk Management Specialist

PS – If you want a quick refresher on malware, the FTC has a fairly good page on the topic located HERE.