The hoax email sounded so plausible
By Spencer D Gear PhD
I have been warning people on this homepage since 2013 about the damage done by hoax email and misinformation on the Internet.
However, on 7 January 2016 I was a sucker to such an email myself. When I woke up to its content and origin, I deleted it immediately. This is how it happened.
Hoax email content
I received an email with a heading that incorporated UPS [United Parcel Service]. Since I have lived in the USA, I knew of the extensive delivery of packages by UPS. The email stated that a UPS package was unable to be delivered to me and that I should pick it up at my local UPS agency. There was an attachment that gave the details.
What caused me to query such a statement in my mind was that I live in Australia and do not know of a local UPS agency. UPS is a USA based agency that has a worldwide distribution network.
What made it sound plausible was that it gave a delivery number and there was an attachment that I attempted to open. It was then that I realised this was a hoax with a nasty intent. My virus protector kicked in with a scan.
I immediately looked at the sender’s email address and it had no connection to UPS.
Confirmation of evil intent
I went searching to find if this kind of hoax had been experienced by others. Snopes.com confirmed the fraudulent nature of this email:
We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.
This email attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.
UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact firstname.lastname@example.org.
Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties (snopes.com 1995-2016, ‘Package Delivery Virus’).
The UPS offers this warning on its website, ‘New Fraudulent Email Circulating’. It stated:
Unfortunately, I had deleted the email I received before I was able to report it to UPS. In fact, it was only after deletion that I investigated what UPS recommended that I should do.
Criteria for identifying email and Internet hoaxes
The Australian government has online help with its article, ‘Recognise scam or hoax emails and websites’ (Department of Communications and the Arts).
WikiHow has a valuable article on How to Spot an Email Hoax or Phishing Scam. This article deals with:
On 7 January 2016, I learned these criteria from the mistakes I made:
1. If the wording of the heading of the email sounds strange, it probably is and warning bells should be ringing not to open it.
2. I should have recognised this as I’ve had nothing to do with UPS and knew of nobody who was sending me a parcel via UPS. My three overseas books from the UK had arrived in the last few days and I knew they were coming through Australia Post.
3. Then look at the email address of the sender. Is it an email with which you are unfamiliar or is it a variation of a familiar email, but with some contamination?
4. If so, do not open the email but go searching the hoax sites (see below), using the exact wording of your email content, to investigate if this is a phishing method that has been used previously and is being used on you.
5. If possible, advise the reputable source that may be associated with the hoax email so that it knows of this contamination of its product.
Beware of those email fraudsters
Many people are falling victim to circulating Internet and email hoaxes about various subjects. I got caught myself yesterday. We are all vulnerable to these con men and women on the Internet who want our money and to ruin our computers and reputations through spreading viruses.
Many of these hoaxes can be checked out at various sites on the Internet that investigate possible hoax emails and Internet smears. These are the ones I use regularly:
Copyright © 2016 Spencer D. Gear. This document last updated at Date: 8 January 2016.