Fake emails from UPS Services (Phishing)
Fraudulent emails claiming to be sent from UPS and a variety of different fake UPS email phishing scams have been around for many years. The primary objective of these fake UPS email scams is to infect computer systems with malicious payloads (Trojan horses) by tricking victims into believing that UPS, UPS Express Services, and/or UPS Logistics Services needs them to download an email attachment for reasons relating to errors with their service, such as errors with shipping addresses and item weight.
These fake emails that masquerade as the United Parcel Service (UPS) may have a subject line similar to “UPS – Your package is available for pickup ( Parcel 4SC8PU1C )” and may appear to be sent from a legitimate UPS email address such as email@example.com, firstname.lastname@example.org, and so on. If you have received this email please ignore it and delete it immediately. If you believe you have been infected with malware due to the fake UPS email, we have listed instructions further below.
Content often contained in these fake emails should be ignored as it is untrue. Common content has been detailed below:
The courier company was not able to deliver your parcel by your address. Cause: Error in shipping address. You may pickup the parcel at our post office. Please attention! For mode details and shipping label please see the attached file. Print this label to get this package at our post office. Please do not reply to this e-mail, it is an unmonitored mailbox! Thank you, UPS Logistics Services. CONFIDENTIALITY NOTICE: This electronic mail transmission and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information belonging to the sender (UPS , Inc.) that is proprietary, privileged, confidential and/or protected from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distributions of this electronic message are violations of federal law. Please notify the sender of any unintended recipients and delete the original message without making any copies. Thank You
These fake UPS emails can be sent to anyone at any time, but many victims have complained to have received these emails after purchasing items online (*this may be the results of third-party spyware) or after expecting a package to be sent. However, UPS will not send emails like this and in similar situations and will instead return the parcel to sender or instruct the individual to log into the UPS website using their tracking number.
An easy way to determine that these emails from UPS are fake is the fact that no realistic identification information about the parcel is listed, including who the parcel is from, where the parcel is being shipped, and so on.
How to deal with fake UPS email scams
- If you received an unsolicited email claiming to be from UPS avoid and delete the dangerous and fraudulent email. These email scams are related to very-severe forms of computer viruses including cryptoviruses such as ransomware that are initially introduced via Trojan horses.
- If you clicked links contained in the fake email sent from UPS it is recommended to immediately scan your computer for malware and viruses that may have infiltrated your computer system using Malwarebytes Anti-Malware software:
1. Install the free or paid version of Malwarebytes Anti-Malware software.
2. Once Malwarebytes is installed, run the program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.
3. Navigate to the first tab labeled “Scanner” and select the Perform full scan option. Click the Scan button to perform a full system scan. Malwarebytes will automatically detect malware that has infected your computer system.
4. Once the full system scan is complete, Malwarebytes may prompt a message stating malicious objects were detected. Select the malicious objects and click the Remove Selected button to completely remove the malicious files from your computer (the image below shows a file that is NOT selected).