Cosmic Cow Pie: Connecting the Dots

head_left_image

New Package Delivery Scams!

New Package Delivery Scams!

In September I wrote a post "Credit Card Fraud Are You Prepared"  about credit card scams..... now two months later we have SSDD Same Stuff Different Day but with package deliveries at the Holiday time. It really looks like the "Cosmic Shift Happens tm." and it is new every day now!

Watch out and be alert is what I want to SHOUT!  In the last week I have received 3 e-mails about packageshook  Fish from UPS, FedEx and today DHL.

I am wondering how the scam artists got my e-mail and knew I sent a package?

This past week I did send a closing package on some property we sold via FedEx using the pre-paid mailing label and also sent a package of books via priority mail from a UPS store so I WAS out there mailing.

My writer "drama hook" is going full force now so you know this could be a "CSI" or "Castle" episode. The phinishing scams are moving online with big company names so the question is how are the scammers getting the e-mails to notify people and what happens when you open the links they provide?


I mailed a package at a UPS package store last week but paid extra because I just wanted it to go Priority Mail through the U.S. post office and just didn't have time to drive to the post office.  I got a tracking number so I am wondering if my e-mail is on my UPS account and someone is hacking the stores account for packages being sent?  Maybe the hackers possibly know if someone sent a package because they could be hacking into the store accounts. This is the detective work I would certainly like to know the answer to.

It could be the phinishing scam artists are just taking e-mails and spamming everyone thinking this time of year everyone is mailing things.  If you didn't mail something you will probably just delete the e-mail not thinking about anything else.  When they send the virius with three different big company names and logos it is almost certain a reader may have shipped something recently and then opens the attachment to see what the problem is. 

This is a perfect scheme for phinish hackers. In my case, because the first e-mail came the day after I sent the package I did try to open the attachment.  It would not open.... thank you virus protection!  I then saw there were about 5 names on the bcc: so if I would have been thinking I would NEVER have opened the e-mail and just moved on.  The e-mail was sent to 5 other people so when I stop to read, think and reason I see this must be a scam.

I am now alert to the shipping scams and received an e-mail from DHL today.  I have not shipped anything DHL so why would I open the download for information on a package I never shipped? I really should call DHL and get the e-mail to forward this bogus phinishing attempt to help stop this if I can.

This phinishing scam could be a terrible Holiday virus so be alert.. many people are shipping packages this time of year so think before opening.. "Cosmic Shift Happens tm."  Just be careful and think!

Below are the examples of the phinishing attempts.  I have deleted the e-mail addresses but you can get the idea of how they are coming in.  You might want to share what is happening with your friends and family so they don't open any links from the big companies without checking by phone first.

I received this e-mail the day after shipping a package.. upon calling the store and sending them this e-mail they had no clue this was happening. I don't think I will be violating any copyright issues by sharing a SCAM e-mail.. hope not anyway!

Now here is a scarey part I just found out.. when I copied and pasted this into the post.. there were some other words on the bottom that were not visible to me until I ran the cursor down to copy.. this is really creepy. I am going to call another agency to look at this but I am not including it in the post as it had to do with guns.. could just be my legs are getting tired jumping to conclusions but this is VERY strange.

__________________________________________________________________________________________

 

From: "USPS Delivery Service"
To: carra@
Sent: Wednesday, November 10, 2010 10:11:57 PM GMT -07:00 U.S. Mountain Time (Arizona)
Subject: USPS Shipment Status No

Dear Customer!

Your package has been returned to the USPS office.
The reason of the return is - "Error in the delivery address"

Attached to the letter mailing label contains the details of the package delivery.
You have to print mailing label, and come in the USPS office in order to receive the packages.

Thank you for attention.
USPS Global.

(The hidden type was below the signature and was not visible until I used the cursor to copy and paste into this document) 
_____________________________________________________________________________________

 

Subject: FedEx Delivery Problem No
       
Sent By
    "FedEx Logistics Services" <>   On: November 11, 2010 3:57 PM
To: Carra
Bcc: makimi3@.com; khasan086@l.com; roncoffey22@.com; "slc gram" <slc_gram@y.com>

This is a post notification

Your package has been returned to the FedEx office.
The reason of the return is - Incorrect delivery address of the package!

Attached to the letter mailing label contains the details of the package delivery.
You have to print mailing label, and come in the FedEx office in order to receive the packages.

Thank you for attention.
FedEx Customer Services.

_________________________________________________________________________________________

Subject: DHL Tracking number
       
Sent By
      On: November 15, 2010 8:19 AM
To: Carra

 

Dear client.

The company could not deliver your package to your address. The package was returned to DHL office. Information about your package is attached to the letter. Look through the information about your package thoroughly.

Thank you.

DHL Global Services.

_________________________________________________________________________________

 

To top this off.. I got another alert via e-mail on fradulent activity on my American Express

 

Subject: Notification on possible fradulent activities and transactions Sent By "American Express"

On: November 14, 2010 3:35 PM

To: Carra Reply To: security@online.americanexpress.com

Dear Valued American Express Cardholder,

During a recent activity monitoring on your account, we have noticed multiple declined transactions on your American Express Card 37xxxxxxxxxxxxx,

We have a reason to believe that your card and online account is being used by an unauthorized third party. Therefore, we have placed a temporary hold on your account for your security until you verify your account information. Please click on the link below to login to your account and continue, verify your account ownership Should we not get confirmation on your successful verification within the next 48 hours, we'll have no choice but to restrict your account for security reasons. Please understand that this is a security precaution that we take for your own protection. Once you have completed the required steps, your may continue to use your American Express Card and Account Services without any interruption. Thank You Sincerely, Online Fraud Protection Team

 

Copyright The products, account packages, promotional offers and services described on this website may not apply to customers of International Personal Banking (IPB) or Global Executive Banking (GEB). IPB customers should visit the IPB Web site and GEB customers should visit the GEB Web site to obtain such information. Copyright � 2010 American Express, Member FDIC.

 

_______________________________________________________________________________________

Now my mind questions the validity of ALL e-mails and I thought I should call and not worry about the 48 hour notification.  The 48 hour sentence was a push to have me click the link that was in the body of the e-mail to verify my account.  They probably get caught after 48 hours and have to change all the links so those who click get caught in the scam.  Think about that if I would have clicked the box seeing the very realistic American Express logos and verified account information they would have everything.  So head ups to everyone DO NOT verify anything for updating existing accounts online.  Call the company direct. 

I called American Express today and asked them about the e-mail.  There had been no declined purchases and all the charges were mine.  The representative told me to send any questionable e-mails to spoof@americanExpress if I had questions in the future.

The representative also told me about two ways to identify a possible fraudulent e-mail from American Express.

  1. An e-mail from American Express will always have the customers first and last name
  2. The account number reference will be the last 4 or 5 digits of the account.

Looking back at the e-mail it said "Dear Valued American Express Cardholder" and it had the first 2 numbers of my account. 

I did get an e-mail back from American Express which had examples of 5 phinishing scheme e-mails sent in the last week to their customers.  I could not share those because the e-mail said "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited."

It is good to know when you question an e-mail there is an active department following up on all the leads coming in.

This is a huge wake up call to "READ, THINK and REASON" when opening e-mail from big corporations because the scammers take the logos and really create documents that look authentic. 

This would be a good time to check with your credit card companies to see what fraud protection they have going to help the consumer.

When viewing e-mails from anyone including big corporations with links, THINK before CLICKING! 

Carra Signature Large

 

Facebook  LinkedIn  twitter  flickr  delicious

Cosmic Cow Pie

Carra Riley

Comment balloon 21 commentsCarra Riley & Declan Kenyon • November 15 2010 05:45PM

Comments

It is so aggravating to have to sort through the legitimate and the scam emails.  I do not open emails that I am not expecting or at least familiar with the company--and never the attachments.  My guess is it was a mass email blast or hackers broke into the shipping company's email.  Ingenious, but don't you wish they would use their energy on constructive activities?

Posted by Norma Toering Broker for Palos Verdes and Beach Cities, Palos Verdes Luxury Homes in L.A. (Charlemagne International Properties) almost 10 years ago

Norma ~  That is where my mind is going.. what are they getting when you open the link?  Your passwords, or personal info.. of course if you answer update questions on your credit that is one thing.. but scams like this will keep people from using the internet.

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Carra I've had a couple of these come thru and I know they're bogus. A few folks told me about them - and we need to get the word out so nobody else gets taken by these 'hookers'

 

Featured in BananaTude!

Posted by Anna Banana Kruchten Arizona's Top Banana!, 602-380-4886 (HomeSmart Real Estate BR030809000) almost 10 years ago

Ms. Anna,  AMEN!  Thank you for the feature.. I hope it saves someone from NOT opening something that looks legitimate from a big corporation!

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

It's a minefield out there.  Thanks for helping us navigate through it.

Posted by Jane Peters, Los Angeles real estate concierge services (Home Jane Realty) almost 10 years ago

Jane ~  Just a few COW PIES.. every single day.. did you get the new facebook NON e-mail announcement... now you can be connected to Millions through facebook messaging.. they do not want you to call it e-mail.. but it will be ..... your name@facebook.com if you have the vanity url!

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago
Hi Carra- I've had several of these too. For the most part many have ended up in my "bulk" or "spam" folder but once in a while a few will slip through. Good advice for all of us to be diligent, especially with the holiday season here.
Posted by Kathy Streib, Home Stager - Palm Beach County,FL -561-914-6224 (Room Service Home Staging) almost 10 years ago

Kathy ~  sneaking in with people sending packages all over the country creates a need to really be alert!

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Carra, the scammers are out there and they do not lack for creativity. People have to use their heads and common sense and not get caught up in these attempts at fraud.

Posted by Ed Silva, Central CT Real Estate Broker Serving all equally (RE/MAX Professionals, CT 203-206-0754 ) almost 10 years ago

As you know, Carra, my email was hacked into recently (which you were so great to point out to me, thank you very much).  It's scary.  I have received emails from banks I don't bank with (but did a looooong time ago), PayPal (that I have never actually used) and credit card companies sometimes.  I have become so paranoid about opening links in emails that are even from people I do know that I hardly ever do that.  Apparently, though, I did it once recently and got hacked into.

When I was reading your post, I thought to myself, "Credit card companies always refer to your credit card account number as "XXXX-XXXX-XXXX-1234" (giving the last 4 digits only, not the first 2).  That would have been a red flag to me, too.  I don't open.

If I get an email from my credit card company, I open a new window and log in to my account from the secure URL I know is correct.  If I have a question, I call the company.  I NEVER click on the link provided in the email, even if it does look like it's from the legitimate credit card company.  Better to be safe than sorry!

Posted by Heather Chavez, Real Estate Virtual, Assistant (928) 692-3235 (Second Self Virtual Assistance) almost 10 years ago

Hey thanks.  I recently got this same email for the first time, and I've received a second one this week.  Just wanted to let you know that the first one came, a couple days after I used USPS priority mail for the first ever in my life.  So that suggests your first hypothesis is not crazy.  Also I had invisible text at the bottom, too.  Mine did not mention guns, but it talked about Madame Bonaparte and the Revolution.

Posted by christine almost 10 years ago

This is one I recieved yesterday... I think it's kind of silly how "similar" it is to your DHL email. XD

 

Dear client!

FedEx could not deliver your package to your address. The package was returned to FedEx office. Information about your package is attached to the letter. Look through the information about your package thoroughly.

Thank you.

FedEx Global.

Posted by rachel almost 10 years ago

Christine~  I am So happy to read that someone else actually saw the hidden text... It is a perfect NCIS or Castle theme... there looks to be something going on! 

Rachel  ~  This is a huge message... the phinishing scams are targeting everyone at a time when most people are starting to ship things.... Not so good :( and very sad.. so  a good message to all is to get the virus protection upgraded to make sure your computer is safe!

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Ed~  I think you are right.. we have to share our stories with our customers to help them see just how creative this process is becoming.  Very Sad.

Heather ~  I was happy to help.  The first time someone hacked into my facebook account I was stressed to the MAX for 3days.... I lost friends and vowed to ALWAYS help others if I saw something that did not look right when I got something from them... I do that all the time... even people I really don't know too well, when I get what I KNOW to be a virus if I click the link... I go on their wall and warn them and send them a direct message alerting them that there could be a problem just like I did with you.  I knew you would not send me a message like that so I contacted you... It makes me very happy to know I helped stop it! 

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Ed~  I think you are right.. we have to share our stories with our customers to help them see just how creative this process is becoming.  Very Sad.

Heather ~  I was happy to help.  The first time someone hacked into my facebook account I was stressed to the MAX for 3days.... I lost friends and vowed to ALWAYS help others if I saw something that did not look right when I got something from them... I do that all the time... even people I really don't know too well, when I get what I KNOW to be a virus if I click the link... I go on their wall and warn them and send them a direct message alerting them that there could be a problem just like I did with you.  I knew you would not send me a message like that so I contacted you... It makes me very happy to know I helped stop it! 

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Carra, thank you.

Have a great weekend!

Posted by Joshua Zargari, MJ Decorators Workshop (MJ Decorators Workshop LI staging and home decorating) almost 10 years ago

Joshua ~  you too!

Posted by Carra Riley & Declan Kenyon, Helping people Transition at all ages! (Brokers Guild Cherry Creek Ltd) almost 10 years ago

Howdy and evening to you Carra

Carra,
there sure are a lot of different kinds of scams out there, that folks need to be on the look out for. And they sure do really come out of the woodwork at this time of year. It sure was mighty kind of you to post about this.

Have a good one
Dale in New Hampshire

Posted by Dale Baker, New Hampshire Relocation Real Estate Information (Baker Energy Audits and Commercial Properties Inspections) almost 10 years ago

Carra, I have been getting these as well. Not just for shipping … for PayPal and my bank account password needs to be changed. Frustrating scams … we cannot be too careful.

Posted by Kathleen Daniels, Probate & Trust Specialist, Probate Real Estate (KD Realty - 408.972.1822) almost 10 years ago

Just always remember that businesses don’t contact you by email unless you gave them prior permission to for a specific order, and after that order is complete, so is your permission.

Posted by Jim Frimmer, Realtor & CDPE, Mission Valley specialist (HomeSmart Realty West) almost 10 years ago

Just reading this now . . . but I get those things all the time as well.  Whenever I do send a package out, I have the tracking number and follow it on the company's website. 

Posted by Carla Muss-Jacobs, RETIRED (RETIRED / State License is Inactive) almost 10 years ago

Participate