Beware the Fedex Shipment Notification Scam - Comments Page 2

Sorry to have to correct you, but nowadays the shippers ARE sending delivery notification via email. Not on every delivery, but more often than not, it seems. I just got one two days ago, and before that about a week ago.

EDITOR'S NOTE: Yes, but to the sender only, right?

Chuck
31 Jan 2012

"I love the phishing scams with misspelled words or incorrect grammar. Duh! No way will I allow that message to live for even 5 more seconds."

Indeed, but so many younger people cannot read or write correct grammar [blame liberal school policies] that they are more vunerable to these scams.

My favorite was supposedly from Yahoo Mail Classic:

"ACCOUNT UPDATE VERIFICATION

Dear Valid Users,

Due to the congestion in all Yahoo users and removal of all unused Accounts, Yahoo would be shutting down all unused Accounts, you will have to confirm your E-mail by filling out your Login Information below after clicking the reply button:-

* User name:-
* Password:-
* Date of Birth:
* Country Or Territory:-
* Occupation:-

After following the instructions in the sheet, your account will not be interrupted and will continue as normal.
Thanks for your attention to this request. We apologize for any inconveniences.

Warning!!!: Account owner that refuses to update his/her account after two days of receiving this notice stands the risk of losing his/her account permanently."

Trying to alert YAHOO to this was impossible!

"EDITOR'S NOTE: Hi Marcy, The From address is not a reliable indicator of the true sender, as it can be faked so easily."

Maybe so but it should weed out 99% of spam mail.

I've received these shipment notifcation scam emails quite a few times over the past several months. I got the first one maybe 3 or 4 months ago. I do constantly order things online, so it wouldnt' be unusual for me, but usually the shipping notification will come from the company through which I ordered, not FedEx or UPS. I did actually open the first one I got, though after opening it, I thought it looked suspicious and I was not able to click any links or open the attachment either. The first claimed it was from FedEx, however it wasn't even 12 digits long and didn't look like a FedEx number. I have a pretty good idea of what FedEx and UPS tracking numbers look like since I deal a lot with them in my work. I just opened up FedEx's website on my own and typed in the tracking number, and sure enough it was bogus. I also know that unless you paid to ship it yourself with your own FedEx account, and then selected and paid extra to receive a shipping notification, FedEx would never send one on it's own. They always charge extra for these things. If anything, the notification would come from the company where you ordered the product, not directly from the logistics company. Also, FedEx numbers are usually 12 digits long unless it's a freight load, then it will be shorter; UPS tracking numbers usually start with "1Z....."

I receive 3 of these scammails a day, on average - USPS, UPS, Fedex - the very first one telling me someone had sent me a package. I didn't bother checking out the attachment, for obvious reasons, and I figured if any one of the three wanted to contact me, they would have had my address from the shipment.

In GMail I believe you have to open an email first then you will see the sender and sender's addy. To the right of that you will see the time the mail was sent. To the right of "that" you will see a box with 2 arrows (one is "reply" the other is "more" when you hover over them. Under "More", you will choose "Show Original" and the new window will be the Full Headers. Just open a new window and google "email trace" and you will get a link to ip-adress.org or .com either one will work. Just copy the header and paste it into the open field in the email trace window and click "Trace" or "Trace Email" or whichever and it will resolve the header to where ever the mail originated from, or at least the last hop it took to get to you. If you trace some of the other ip addy's in the header you will often find that the mail bounced around the globe a bit before it came to you. I don't think you can get the full header of a mail w/out opening it in gmail. Someone correct me if I'm wrong. In Yahoo Mail you can just Check mark the mail in question and click the "More actions for selected mail(s)", and select "View Full Header". Hope this helps.

Mine say that they're from USPS, with whom I Do have an online account which I use quite frequently for ebay business.

I usually opt to phone the PO (or paypal or ebay or whoever) to get verification.

Dear Bob,

maybe if you had explained how you
knew from what was in the "view email headers" that made you so certain that it was a scam - from that confusing mass of information - the rest of us would also know what to look for ?

Hi,
Just my four penny worth.
Two weeks ago my daughter was expecting a package from China, a replacement for a faulty electronic device.
She received an email telling her that the tracking number for her package was in the attached pdf.She clicked......at this point she lost all control of her laptop.
Even on reboot she was unable to revert to an earlier restore. Fortunately we have the System Repair disk (SRD) for Win7 32 bit.
This enabled us to go back to an earlier restore point, without loss of data.
The offending email was then deleted. She now has her own SRD, and is schooled in the art of using it for such events.
Bob, could you see your way to documenting "How to use your System Repair Disk".
My thoughts, it should be Computer User 101!
best wishes
Steve

If I get a suspect email that I'm not sure of. I cut and paste the Subect, from the email into Google. This usually show up the scam and its history.

I received an email a week ago claiming that my Amazon order had been shipped. I had not ordered anything so deleted the email, but if someone orders frequently from Amazon, they might not think twice about opening that and providing information.

Regarding this previous comment and Bob's reply

"Sorry to have to correct you, but nowadays the shippers ARE sending delivery notification via email. Not on every delivery, but more often than not, it seems. I just got one two days ago, and before that about a week ago.

EDITOR'S NOTE: Yes, but to the sender only, right?"

I have found more and more that eBay sellers have their UPS label printing set up so that UPS do indeed receive my email address and send me genuine notifications. I don't like it, but sellers I have contacted just act as if I am weird, which, of course, I am :-) and just don't understand why I don't want my eBay email address shared this way :-(

I have trained myself to never click a link in an email even if I believe I know who sent the message.

This proved invaluable recently when I received many emails supposedly from different friends, that contained a link. Checking this out I found their address lists had been hacked.

Many believed their facebook account had been hacked, and their friends list used, but I don't know how valid that is.

I believe if I had clicked on the links I would soon have wished I had not.

I use Outlook for mail, and check headers on any questionable e-mails without opening the message. In my previous version I could right click the unopened message and select options, which showed the headers without opening the message. It was a little trickier finding how to do it in Outlook 2101, but now I have a button on my Quick Access toolbar.

Before deleting any messages that I consider to be phishing or spam, I report them to my ISP and to the domain from whom they appear to be coming. For example, if the mail appears to come from a Yahoo address, I forward it to my ISP and to "abuse@yahoo.com". They can close an offending account. Often it's a bogus address, but they need to know that, too.

In Outlook 2010 there is an option to "Forward as Attachment", so I never have to open the actual message in order to forward it.

I don't use web-based mail enough to know what to do, but I'm sure Gmail, Hotmail, Yahoo, etc have some provision for viewing headers without actually opening the e-mail.

What I get are notices that "my package" could not be delivered. Same thing, slightly different approach. Except that I hadn't sent anything recently. Some of the really original scams I save to a separate file, for future chuckles in reading them!

Bob, I have been getting the emails every day for the last 2+ weeks. I delete them, do not even bother to open them. I hope this is the correct single thing to do.

Jerry suggested using www.ip-adress.com. Because of the spelling and because it's such an easy potential scam, I ran a whois and domain host check. No trace at all. I ran whatismyip.com and at least it has been around since 2000 and has an address in California. I suspect that most sites which offer 'help' in this area steal and use any info you send them. This is a general comment, not a specific reference, explicit or implicit, to any domain or site!

I continued another 5 minutes out of curiosity. I googled the address listed by the parent company of a domain. Restaurant, hairdresser, website designer, but not this company. It does not mean much, as it could just be out of date. I could search company records California, but I am not that interested.
My point is that in 5 minutes anyone can run a whois and domain hosting search. I know almost nothing about computers, but before giving personal or financial information, I run at least a basic safety check. I did it before the internet existed. A little prudence. Knowledge that the 'free' lunch does not exist. NO EXCEPTIONS. You're never safe, just safer. But if you become paranoid, you can't do anything useful on the internet, and you might as well throw your computer away. Do you agree?

Hi Bob, I received an email this morning (9th April 2012) supposedly from Fedex. It said that the address on the parcel I sent was incorrect and that I should fill in and print out the attached form which was a zip file! I checked the file properties and found the source was not Fedex. I DELETED IT! By the way Bob, unlike the professionally produced email you received, mine was in plain text. That was the first indication something was not right!

Love your site Bob!
Regards,
Jim