Philip Brown smelled a scam. He wasn’t expecting a package delivery. But a suspicious email in his inbox said otherwise. Specifically, it was an email with the subject line DHL Parcel Arrival Notification REF No:677644359[FS#6562989.
The message contained a link that DHL allegedly wanted him to click. The notification promised him he’d be taken to the DHL website so he could track his package or make alternate arrangements for delivery.
In fact, the link would have downloaded a virus to his computer.
“I was not expecting any items sent through DHL,” Brown explained to the Elliott Advocacy team. “So it raised some red flags immediately.”
Brown’s story had a happy ending. Not only did he refuse to click on the fishy link, but he also sent the suspicious message to our advocacy team to investigate. Other computer users haven’t been so lucky.
Turns out the Package Delivery Virus scam has been around since 2009, and has been reproduced to appear as if it was sent from DHL, UPS, FedEx, and the U.S. Postal Service.
Our friends at Snopes.com warn that the messages:
actually harbor malicious executable files (‘ups_invoice.exe’ or the like) and display as a Microsoft Word icon to make it appear like a harmless Word document and thereby lure recipients into clicking on it.
Parcel arrival notification scam warning
UPS also posted a warning (which has since been taken down):
Fraudulent emails adopt many different forms and are the unauthorized actions of third parties not associated with UPS. These email messages referred to as “phishing” or “spoofing” are becoming more common and may appear legitimate by incorporating company brands, colors, or other legal disclaimers.
There have been a number of fraudulent emails reported and new spoofs continue to be introduced. These types of emails point to invalid hyperlinks that are revealed when you hold your cursor over them. The invalid links may contain malware, which could potentially corrupt your computer.
These are not legitimate UPS communications, and should you receive any of these emails, do not follow any links provided or click on any attachments. Instead, simply delete the email. If you’ve accidentally selected a link, you should run a virus scan immediately.
These shipping agents list warnings on their websites about the scam emails.
If you receive an email that indicates there is an issue with a package, go to the company website to verify the problem.
Do not click on that email
Do not click the email. Instead, open a new window and type in the website address of the company. Then click the option for tracking a package and enter (do not copy and paste) the tracking number from the email.
If the company really is trying to deliver a package to you, it will display the information. If it’s an invalid tracking number, delete the email and empty your trash. Whatever you do, don’t click the link.
One more thing: Always keep your antivirus software up-to-date — just in case.