A consumer from Hancock County was surprised recently to read an email saying that a package he had ordered could not be delivered.
Suspicious because he had not ordered anything, the man read more closely. The generic greeting, “Dear customer,” was followed by an urging that he click on the attachment that contained a “shipping label.”
“Something about it just didn’t strike me right,” the consumer told us, so he ignored the email, allegedly from “Fedex International Ground.” Eight days later, he received another message and attachment, this time from “Fedex International Next Flight.” The next day, an email came from “Fedex 2Day.” A fourth message came three days after that. All carried different senders’ names.
Similar messages arrive in consumers’ email inboxes every day. And every one is a hoax, designed to prompt you to click a link or open an attachment containing malicious software or malware. The virus, Trojan or other nasty code might lock your computer and hold it for ransom, steal your personal information or be used for other illegal purposes.
These attempts to spread malware are constant, but they spike near holidays, when online shopping increases. Variations of the message might include instructions to click the attached “invoice copy,” print it and take it to “the nearest office” to pick up your nonexistent package. Other messages demand payment of a bogus debt before that mystery package can be delivered.
United Parcel Service, FedEx and the U.S. Postal Service will never send email notices about missing packages. UPS has guidance on its website ( ups.com and search “scam”). FedEx offers similar advice at fedex.com/mx_english/fraud/email_alert.html.
The recent news that UPS aircraft mechanics have authorized a strike may spark more fraud attempts. Crooks seize such news items to lend credibility to their stories that “packages have been delayed” or “the strike diverted your package to another service.”
Our consumer in Hancock County admitted that, if he had ordered something, he might have clicked on a malicious link when the first email arrived. Still, he said the lack of a phone number or company logo in the message made him suspicious enough to refrain.
In 2015, 782 Maine residents reported to the U.S. Justice Department that they had been the victims of internet crime. Their losses totaled more than $1 million. Don’t join their ranks. If you receive a notice that you think might be legitimate, look up the phone number of a local office and call — don’t click on or call a number that criminals may have spoofed to make it appear real.
To file a complaint with the FBI’s Internet Crime Complaint Center, visit ic3.gov online. If you’re threatened over the internet via email, chat room, website or other means, call 911 or contact your local police agency.
Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s all-volunteer, nonprofit consumer organization. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer 04412, visit https://necontact.wordpress.com or email firstname.lastname@example.org.