- dotTech - https://dottech.org -

“UPS Delivery Problem”? Watch out for scam e-mails!

A few days ago I received an e-mail allegedly from UPS (UPS is a global delivery company for those that don’t know):



I immediately knew that this was a scam email so I turned on all my defensive methods and opened the email. You should not do this at home [or at work for that matter].

Then, just like something an innocent computer user may do, I tried to download the attachment that came with the e-mail. Again, you should not do this at home [or work].

There was immediately a warning from ESET NOD32, my active antivirus, saying that there was a threat in the download:


With all the cards laid out on the table, it is fairly clear that this was a hoax that was trying to take advantage of those not-so-technically-knowledgeable computer users who

  1. Open e-mails that they are not familiar with;
  2. Download the attachments that come with those e-mails and install a Trojan in their computer, allowing the cybercriminial who sent the email to control the victim’s computer.

Similar to the UPS hoax I just mentioned, there are many other such e-mail scams out in the wild; tt could be a “Facebook password reset”, a “Bank of America” or similar. Do not fall for this kind of thing.

So, how to protect oneself? Here are some tips to help you spot a scam e-mail:

  1. Were you expecting an e-mail from [insert company name here]? For example, did you expect a UPS package delivery? If no, then the e-mail is probably a scam.
  2. Have you, in the past, provided your e-mail address to [insert company name here]? If no, then the e-mail is probably a scam.
  3. Does the e-mail from [insert company name here] include your name? If no, then the e-mail is probably a scam.
  4. Is the e-mail asking you to reply with personal information (i.e. full name, address, bank account number, credit card number, etc.)? If yes, then the e-mail is probably a scam. (Sometimes legitimate companies do ask you for personal information, but they will never request it via e-mail – you will probably be asked to submit it via their website.)
  5. UPS, banks, or any other legitimate company/website will never send you emails requesting your password. If your bank really uses email to do so, you might seriously consider abandoning this bank. Instead, most companies will use telephone to inform you of account problems.
    1. In the case of UPS (or FedEx, DHL, etc.), they may send you e-mails informing you about delivery delays or problems, but those e-mails will never contain any sort of attachment for you to download.
  6. Sometimes e-mails – even legitimate e-mails – can contain links for you to follow. If the e-mail is from a scammer, often times the links will be “spoofed” (i.e. you think they are taking you somewhere but they take you elsewhere). When you see a link in an e-mail you should not visit it unless you are 110% sure the e-mail is from a legitimate source. Rather, you should right-click the link and “Copy Link Location”/”Copy Hyperlink” or something similar. Then, open Notepad and paste the URL. After pasting the URL, analyze the URL and verify that it is infact taking you to the proper website (look at the beginning of the URL to see which domain it is taking you to). Look especially for letters that can be easily substituted for each other, like L and I.
    1. Thanks to Twitter, URL shorteners are very popular nowadays. If an e-mail contains a URL that uses a URL shortener, unshorten the URL before analyzing it using a URL unshortening service [4].
  7. Sometimes there are “urgent” or similar words in the subject of a scam e-mail.
  8. Check the date of the e-mail (and any date mentioned within) for any unreasonable dates. For example, I was alleged to have sent a package via UPS last December. If there are any unreasonable dates in the e-mail, the e-mail is probably a scam.
  9. Often times a scammer will try to “spoof” the e-mail to make you think it is from a trusted source. Spoofing can be done primarily of two ways:
    1. Changing the “From” name to an e-mail address. For example, you may get an e-mail from help@ebay.com <scammer@example.com> or eBay Customer Service <scammer@example.com>. The “From” name says help@ebay.com/eBay Customer Service so you may think the e-mail is from eBay. However, the e-mail is actually from scammer@example.com. This type of spoofing is fairly easy to spot – just double check the “From” e-mail address instead of just looking at the “From” name.
    2. The actual “From” e-mail address may display the e-mail from a trusted source. For example, you may get an e-mail from accounts@yahoo.com <accounts@yahoo.com> or Yahoo Inc <accounts@yahoo.com>. In this case both the “From” name and e-mail address indicate that the e-mail is from Yahoo. In reality, however, the e-mail is not from Yahoo – it has been spoofed to make you think it is from Yahoo. This type of spoofing is harder to spot since the “From” name and e-mail address are both spoofed; when you come across this type of e-mail you need to use the other points mentioned in this list to protect yourself.
  10. Make sure you have security software installed on your computer. If you accidentally do fall into a scammer’s trap, security software can often save you. (See Ashraf’s best free security software [5] list.)
  11. If it looks suspicious or too good to be true, it probably is – so stay away from the e-mail.

Good luck to everyone and stay safe!

If readers have any more suggestions to add to the tips mentioned above, please leave a comment below to share with us all.