The sneaky postal service scam

Watch out for this scam email claiming to be from the western world's largest post office...

I'm no different to anyone else. I love presents and I love parcels arriving, especially when they are surprises.

And, like most people, I'm nosey. Even when I'm taking in a parcel for a neighbour, I'm really want to know what's in it. I look at the label, even shake it or prod it! Yes, I'm aware this is wrong!

But sometimes this ever so understandable curiosity can end up killing your computer or burgling your bank account.

My lesson in trying to be less curious started with an email. It said it came from the United States Postal Service – from “support at usps.com” , to be precise.

The email was headed “USPS Delivery Problem NR#########” - my hash signs replace the numbers which can vary. Opening it (don't even think of doing this at home as it could have dire consequences) shows the USPS logo together with the message: “Hello! Unfortunately we failed to deliver the postal package you have sent on the 19th of September in time because the recipient's address is erroneous. Please print out the shipment label and collect the package at our office. “

Now usps.com really is the website address of the western world's biggest post office. But I did not send any package by USPS – why should I? Looking a little closer, the bcc (blind carbon copy) line shows it has been sent to a number of people called Tony but with different surnames starting with Lev. One has a French email address, another appears to be with Tesco, a third is in the US Air Force while the fourth works for a safe making company in the UK.

Nothing makes sense here so added to everything else, this screams scam.

And just what is the shipment label? It's a zip-file and the most dangerous part of the email. If you open it – and I did not – the zip unleashes a Trojan called Oficla.G which is a variation of the Zeus Trojan. A Trojan is a piece of malware or computer evil that infiltrates itself into your computer, ready to be used by criminals at a later date.

So what happens if you are that curious? You could end up with your bank account or credit card looted or the machine rendered useless.

Richard Clooke is the worldwide review manager at PC Tools, which designs protection against viruses and other malware. He tells me that Trojans have become multilayered – malware writers now send several different threats in the same package.

He says, “One likely use will be to allow access to the machine from a remote location. The criminals will perhaps use machines to log what keys you hit. They're not interested in most things but when they auto-detect 16 figures in a row, they will know they probably have a credit card number so it will look for the three figure security code as well. Or it could use your machine to send infections to all the people in your email listing. Or it might disable your machine until you contact a centre abroad and pay to have your computer 'cleansed' - this is known as Ransomware.”

But however these elements are used, you will end up losing out. And although there were some UK arrests of malware criminals who emptied bank accounts, this is little consolation. Getting your cash back is difficult and lengthy – sometimes impossible.

PC Tools says this particular malware contains all the characteristics of a very serious threat. But provided you have an up to date version of this or another anti-virus software package, you should be safe. Clooke says that information on attacks is shared between rival providers.

Of course, there are variations on this theme. Scamsters also use parcel firms such as DHL or Fedex or quote an airline ticket you could collect – anything to get your attention.

Like all scams, this works by sending out millions and hoping to catch the small minority who fall for it and who do not have computer protection. Make sure that's not you!

Award-winning scams expert Tony Levene explains why he's writing a blog about scams and why he is The Scam Magnet!

Comments


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.