Is that Email from the United Parcel Service Legit?

Everyone likes to get a package in the mail, so when you get an email from UPS saying a package is on the way you’re naturally curious – and that’s what scammers are counting on.

There are still plenty of crude scams landing in junk mail folders, but higher-end scammers have significantly increased the level of personalization and sophistication of their exploits, making the new generation of scams much harder for consumers to spot.

This UPS scam is a prime example of how these scams work.

Test Your Skills

You should be able to find at least six red flags that tell you this e-mail is fraudulent. Scroll down to the 2nd picture below to see the answers, but first try to find the risks yourself. If you find five, you’re a pro with little to worry about. If you find fewer than four, consider practicing on more of our spam scam examples.


Here are the red flags that identify this message as a scam:


  1. The sender isn’t the United Parcel Service. Criminals have spoofed(forged or faked) the email senders address to make it appear as if UPS sent the email.How can you tell? It isn’t always easy, but often simply typing the email alias into a browser tells the whole story. In this case, the first search result identified this as a scam.
  2. The email isn’t addressed to you.  If UPS was sending you a parcel, they’d know your name.  Don’t be fooled. Keep in mind that if a sender knows your name it does NOT mean the email is legitimate. It just means they know your name and email alias. To learn more about how scammers collect and use your name and email address, see my blog The Epsilon Threat – How a Company You’ve Never Heard of Increased Your Risk of Personalized Phishing Scams
  3. Again, the email is not addressed to you.
  4. The UPS would know your home address and actually show it.  By not showing your address, you know this is a scam. However, just like in point 2, seeing your address displayed would not mean the email is legitimate – the scammers might have done a little more homework and found your home address.
  5. Grammatical Errors.  The UPS isn’t going to have grammatical errors so you know it’s a scam. But if there were no grammatical errors it would not mean the email was legitimate – it just means the sender has decent language skills.
  6. This is the heart of the scam. The entire point of this email is to get you to download the ‘document’.  Doing so puts malware on your computer that gives the criminal behind this scheme access to your computer.  No legitimate company is going to ask you to download anything from an email, so make a hard and fast rule to never, ever click on an unsolicited link or open an unsolicited attachment.

Would you have fallen for this scam if the scammers had been more careful?

  • Would you believe it if the scammer had used your email address and full name? Remember, scammers can buy your name, email address, address, and more for pennies. Heck, for as little as 7 cents, criminals can buy credit card numbers!  (Symantec)
  • Would you believe it if the scammers took the time to make the message have the ‘UPS look’? Scammers can copy and paste that look in a matter of seconds.
  • What if, instead of trying to get you to download something, they provided a link that looked like a legitimate UPS URL? Would that make you click on it? What if, when you hovered over the link to see what the actual URL shown on the bottom of the email displayed, it appeared to be the UPS site? A good fake is too hard for you to discover. Don’t Click. Don’t Download. Find the UPS site yourself using your search engine. Enter the ‘tracking number’ yourself.

If any of these changes – or the combination of these changes – would have influenced your choice, you’re a sitting duck for the next polished scam. While it’s easy to spot many scams by looking at obvious errors, there is ONLY ONE WAY to find out if an offer is genuine.  Fortunately, the way to find out is easy.  It can be summed up in four little words: find out for yourself.

Note: Always use a URL safety tool like McAfee’s Site Advisor (it’s free!) to see whether your search results are safe. The tool shows a green check mark if the site is safe, a yellow exclamation point if there are risks, and a big red X if the site is clearly malicious.

Once on the official site, you can enter the tracking number. Only if you can find the tracking information through the official channel can you be sure the email was NOT a scam.

Remember, a scam may look cheesy or it may be extremely sophisticated.  It may come in email, via a social network, or through your phone. It may come from a friend, from a company, or just look like it comes from one of these sources.

The ONLY way to know if the message is legitimate is to go to the source independently and find out for yourself.

It takes just a moment to validate something; it can take a very, very long time to clean up the mess if you get scammed. Or, as Ben Franklin put it……


To learn more about the increasing sophistication and risks in scams, see my blog Symantec Delivers Threat Report and Excellent Tools that Explain Risks to Consumers.


Comments are closed.

%d bloggers like this: