On Sun, 20 Nov 2011 14:00:05 -0800, Ian Fairclough
<[log in to unmask]> wrote:
>The message below is very similar to the one I got recently, which I unfortunately didn't recognize as spam
You have been an unfortunate victim of "social engineering".
Below are tips to help anyone recognize probably harmful spam (any kind, not
just this):
Does the USPS have your email address at all?
Probably, no.
Did you give your email to USPS when you mailed the package?
No.
Have you ever, at any time before received any legitimate email like this from
the USPS?
Probably, no.
What makes you think the USPS cares enough to notify you in this case? Have
they ever done so before?
No.
"Please print out the shipment label attached ..."
This requires you to decode the attachment. How many times have you been told
to NEVER, EVER, EVER, under ANY curcumstances decode an attachment from a
questionable or untrusted or doubtful source?
Hundreds to thousands.
What is this if not an attachment from a questionable or untrusted or doubtful
source?
DO NOT EVEN THINK ABOUT decoding the attachment. Delete immediately.
"...and collect the package at our office."
The USPS NEVER, EVER requires a new shipping label to pickup a package.
No reason to print.
Did you inspect the full email Received: headers to verify the mail actually
came from a USPS server?
http://www.haltabuse.org/help/headers/index.shtml
----------------------
Similar spams:
Anything purporting to be from
IRS
USPS
EFTPS (Electronic Federal Tax Payment System)
ACH Clearing house
Any Bank (legitimate banks never send email with attachments)
Almost anything purporting to be from
UPS
DHL
FedEx
unless you have very recently (2-3 days or less) sent a pkg.
If so, inspect EXTREMELY carefully. Go to their website. Call with the
tracking number. DO NOT TRUST EMAILS!
Anything stating it is an invoice, or refund, or clearance sale, or ...
DO NOT TRUST EMAILS!
--------------------------------------------------------
Here is another example: (which was trapped and did not go to the list)
From: "message daemon" <[log in to unmask]>
To: <lstown-l @peach.ease.lsoft.com>
Subject: Your Tax Payment ID 98787634 is failed.
Date: Tue, 02 Aug 2011 21:18:58 -0800
(Note the date. This msg was received 11/8/2011)
Your Federal Tax Payment ID: 34345092 has been rejected.
(note this Tax Payment ID is different from the one in the Subject: line)
Return Reason Code R21 - The identification number used in the Company
Identification Field is not valid.
Please, check the information to get details about your company payment in
transaction contacts section:
(note broken English)
attach name = report.18653.pdf
(note broken English)
In other way forward information to your accountant adviser.
(note broken English)
EFTPS: The Electronic Federal Tax Payment System
PLEASE NOTE: Your tax payment is due regardless of EFTPS online availability.
In case of an emergency, you can always make your tax payment by calling the
EFTPS.
(note no further identification, phone#, signature block, etc.)
----------------------------
The message Received headers:
Received: from tlhtu.com (121.245.26.70.cdma-hyderabad.vsnl.net.in
[121.245.26.70]) by PEACH.EASE.LSOFT.COM (SMTPL release 1.1c) (envelope-from
<[log in to unmask]>) for lstown-l @peach.ease.lsoft.com with TCP; Tue,
8 Nov 2011 11:23:47 -0500
No branch of the US government uses a mail server located in India. This
cannot possibly be legitimate.
Also a lookup on the domain 'eftps.com' shows it does exist, but belongs to
Domain Admin
Bank of America
Dallas TX 75202
i.e. not to US Government or IRS.
------------------------------
Do not be taken in by such things. They are bogus in 99.9999999999% of cases.
(note I don't say 100% because one day I'll win the lottery. The odds of that
are far better than any such spam email will turn out to be legitimate.)
############################
To unsubscribe from the LSTOWN-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa.exe?SUBED1=LSTOWN-L&A=1
|
