November 12, 2019

New USPS Scam Arrives in Inboxes, Just in Time for the Holiday Season

New USPS Scam Arrives in Inboxes, Just in Time for the Holiday Season

Do NOT Open The Attached File


scam image


Today, I had a couple of USPS delivery notifications land in my inbox. 2 of these notices were legitimate. However, the third was not.  The fake e-mail was so good, I almost thought it was real.. Were I not an "Informed Delivery" user, I might have fallen for it.



Now I do a LOT of online shopping, so I get a lot of packages. I also get a lot of delivery notices. I even received a package on Veterans Day, when mail delivery does not occur.  And I actually received a package on November 9. Curious to see if the postal person had not properly scanned that package, I headed over to my Informed Delivery Inbox on the USPS Website.  I saw no "unsuccessful" delivery attempts. (For those who do not participate in Informed Delivery, unsuccessful delivery attempts are shown in your inbox there. Every time you get one of those orange cards instead of your actual item, an "attempted delivery" will show on your Informed Delivery page.) I also saw that the two packages scheduled for delivery today were waiting for me in my mailbox.

Since my informed delivery was NOT showing any unsuccessful delivery attempts, I went back and scrutinized this scam e-mail.  I checked to see from what address the mail was sent.


As you can see, this e-mail was sent from noreply@usps-deliveryservice.com. To see why this is problematic, let's look at one of my legitimate delivery notices.


As you can see, the legitimate e-mail was from auto-reply@usps.com. This raised a huge flag for me.  So I decided to run a whois on the usps-deliveryservice.com domain. Here is what that revealed:

Registrant Name: Gladkov Dmitry
Registrant Organization:
Registrant Street: Belinskogo 154-23 
Registrant City: Yekaterinburg
Registrant State/Province: Sverdlovskaya oblast
Registrant Postal Code: 620130
Registrant Country: RU
Registrant Phone: +7.9613791881
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: gladkoff1991@yandex.ru

So you can see, this is a domain that was registered by a Russian, and is NOT at all affiliated with USPS. The attachment is sure to contain a virus or some other sort of malware.

With the Holiday Season upon us, delivery scams are sure to increase. EVERY internet user needs to be diligent about NOT just clicking through.  BOTH USPS and UPS offer "delivery calendars" to help you verify whether an e-mailed delivery notice is the real thing or some sort of phishing attempt.  If you do a lot of online ordering, you should probably enroll in BOTH UPS My Choice (free version) and USPS Informed Delivery (free) to help you verify whether a package has, in fact, had any type of delivery issue. But NEVER blindly trust an e-mailed delivery notice.




1 comment:

  1. If you did open it but not click through any links, you are most likely fine. Still, just to be safe, run a FULL virus scan, and download MalwareBytes (free), and also run a scan with that.

    ReplyDelete

Thank you for contributing to the discussion! Your feedback is valued! (Unless you are a sunglasses or work at home spammer, in which case, your comment will be promptly deleted. :D) The Mods are reviewing it, to keep those types away! ;)