"Wierd "UPS" Email Confirmation of Delivery" Topic

Checking my email this morning, I found a UPS (or what it claimed to be) delivery confirmation email. I thought it might be an item I had ordered. Opening the email it says it was delivered to someone (name unknown to me) in Florida, back in October of 2010! I thought it may have been something misdelivered back then so I try to open the link for details and then I get a computer warning of an "attack." If it was, please be aware of this kind of stuff. Regards, Dean

Hope you didn't sign in or give any info. I get those all the time-FAKE DELIVERIES!

Yes, this is one of the more common "phishing" attacks. Other common ones are bounced email, E-cards, paypal payments, ebay notifications, bank notices etc. Most will have an attachment, but some will have a link to a website that looks official and asks you to log in. When you log in with your account and password they often say there was an error and in soem cases send you off to the real log-in site. Unfortunately, they just got your username and password. The attachments are often viruses or trogans.

Basically, you need to be very careful with all such emails and if your bank etc needs something from you they normally do not use email in this way. Never use the link in the email to log in, if you think it may be legit, go the the website yourself and log in the normal way. Never ever bother with E-Cards, they are just asking for trouble and not worth it. Too bad so many people have nothing better to d than think up this crap. It is especially hard on older computer users that are just too trusting. Constant battle with my parents to stay away from such things.

Jeff

Well, damn, I fell for that.

I had no account, so I registered. I am not sure this gives them any info beyond my email and a made up ID and password – although, of course, it's a password I have used before. Not for bank accounts or anything similar.

What do I need to do?

Thanks for the warning. I used to get phished all the time for my WOW account info.

Mexican Jack

It depends on the attack type

They could use your email to send spam attacks out

If you use that password on anything sensitive I would change it ASAP also

Also consider changing your email address as if used for spamming could stop you getitng on certian forums etc

Tip – I have a second email account on my main one I use to sign up etc, so keep my main email for friends and family only, so not so bad if I need to change (use Outlook or googlemail to sync them all)

I would Also run a virus scan to be 100% as sometimes the links can also download trojans etc to your PC.

If you recieve any email even from trusted sources, I would never click on th elinks always manualy load websites up and log in that way to be safe.

I had an email from Amazon saying a payment had not gone through and I still logged in manualy rather than using a link,(In thi scase it was a proper email as my bank had done a security check on my card and held it till I confirmed my payments – just took them a day or two to let me know due to Christmas)

As I say better safe than sorry

Hope thi sadvise is useful

Al

Wow – okay, lesson learned. Didn't provide any info (no log in, etc.); only clicked on a link and my computer blocked it. The first link with the delivery info did look "official" though. Hope your info is intact Mexican Jack. Regards, Dean

Yeah…they are going around…got a couple of people at my office.

That is the problem, many of them are designed to look official. If you look at the actual link though, it won't be to the actual site. You may get an email from "Amazon" showing a link to amazon.com but the link will actually be to bargle.fark.net/Amazon.html or something like that. Sometimes they even get more devious and do something like amazon.fark.net/login.html to try and trick you. They know people know what to look for and try to make them more convincing. If you want to see what the real link is, just mouse over the link you see in the email, and it will show up on the bottom left of your browser in most browsers.

Also check the message source of the e-mail to see where it's really from. If it doesn't look right, forward it to the security/spoof/fraud department of what you think is the actual originator, and they can confirm it.

Allen