The state Department of of Agriculture, Trade and Consumer Protection is warning parents and students about a scam involving shipping emails filled with malware.
In a press release from the department, the scam is described like this: students returning to campus often order items online and have them waiting for them to make moving easier. Scammers will send fake email notifications that look as if they’re from reputable shipping companies to students with messages filled with malware.
The emails will typically list some type of problem with the shipment, ask for account information or ask the recipient to click on a link to confirm shipping.
Here’s advice from the DACTP on how to spot the fake emails and avoid getting taken:
- Poor grammar and spelling errors in emails that claim to come from major organizations. If the message is sloppy, it likely did not come from a legitimate business.
- Sender addresses that don’t match the URL for the company that supposedly sent the email. For example, the “From:” line in a recent fake FedEx email noted that the email came from “Brenda” and gave an Italian email address, not a fedex.com address (see example on next page).
- Shipment emails that lack specifics about the sender or the package’s supposed contents.
- Emails asking you to open an attachment in order to review an order. Never open an attachment in an unsolicited or questionable email.
- Emails containing threats that a package will be returned to the sender and you will be charged a fee for not responding to the message.
- If you question whether an email link is legitimate, hover the mouse over the link (but don’t click it!). At the bottom of your browser window, you can view the URL where the link would actually take you.