not on facebook
ANNOUNCEMENT : ALL OF ROYAL MAIL'S EMPLOYMENT POLICIES (AGREEMENTS) AT A GLANCE (UPDATED 2017)... HERE




Fake email scam warning:Updated as and when.

08 Mar 2011, 13:42

http://www.avonandsomerset.police.uk/Lo ... &t=1&lid=4

Police are warning people who sell goods on auction sites to beware of email scammers.

Anyone using these on-line sites should be aware of the dangers of sending out goods before you have received any money.

One scam, that seems to be happening more frequently, involves people visiting sites such as E-Bay, Trade It or Gumtree, posing as genuine buyers and tricking people into sending their property to an address, (normally overseas) in the belief it has already been paid for.

The fake buyers offer a price for something they want and then say they will make a payment through PayPal.

PayPal can be used to make purchases online. The user sets up an account and funds can be transferred into, or paid out of that account. This eliminates the need to give out credit card or bank account numbers, making it a more secure method of payment.

However, these fake buyers then send sellers fraudulent PayPal emails that look very genuine.

The email claims to be a notification of funds pending that will be paid into the sellers' PayPal account as soon as a tracking reference number is given to ensure the items have already been posted.

The sellers then post off their property and email the tracking number in the belief that the money has already been paid and is waiting to be transferred, but they never see a penny.

Max Wilshaw, from Bristol, was recently a victim when he tried to sell his iPhone on E-Bay.

Mr Wilshaw said: "The person put a bid in for it but then emailed me separately on my personal email.

"They said they were in a hurry to get it and would pay a bit extra to cover the cost of me sending it by special delivery through Royal Mail. But they specified it had to be Royal Mail.

"Then I got an email, so say from PayPal, which said that £600 was pending payment into my account but that I needed a mail tracking reference number in order for the funds to be released.

"When I think about it in hindsight there were little signs, but I guess I was in a such a hurry to get the money and get rid of the phone that I didn't see it.

"When I look at the "sent from" address on the email it's actually slightly different to the genuine PayPal address, but the email had all the PayPal and E-Bay logos on it so it all looked very official.

"It's really annoyed me because now I'm out of pocket and I didn't realise that once you send something with Royal Mail, even if it hasn't gone yet, they can't interfere with it or retrieve it because it is "the Queen's post".

"So even though I realised very quickly that I had been conned I couldn't get the package back. Thinking about it, that is probably why the scammers specified that I use Royal Mail.

"I would advise anyone sending goods to make sure they don't physically send it until the money is in their PayPal account. In future I would probably use a private courier service as they can actually stop a delivery in its tracks."

DC Greg Brunt, from the financial investigation unit said:"PayPal will NEVER send an email asking for a tracking reference number.

"If you do receive correspondence from PayPal or even a site like E-Bay and you are not sure if it is genuine, you can always ring those companies directly and find out.

"The awful thing about this scam is that not only do the sellers lose their property, but often they are left out of pocket because they have paid large sums of money for post and packaging, especially those selling large items.

"The best way to avoid being a victim of this type of fraud is to not send any goods out until you can see the funds in your PayPal account.

"If you can't see it, simply wait."

Re: Fake email scam warning:Update Sept 2011

23 Sep 2011, 21:22

Fake Royal Mail e-mails with virus attachment

Emails with an attachment are being sent out regarding a package waiting for you at the local Delivery Office,these are NOT from Royal Mail
Royal Mail do not use this as a service.
Even if your anti virus does not throw anything up,please do not open and please delete...

"IMPORTANT: Royal Mail Delivery Invoice #1092817" Virus / Trojan
The wording may vary, but this is a PDF exploit currently doing the rounds pretending to be from Royal Mail. Sophos, F-Secure and Avast detect it along with some other products (VT results here) but otherwise detection is patchy.

Subject: IMPORTANT: Royal Mail Delivery Invoice #1092817
From: "Royal Mail" <delivery@royalmail.com>
Date: Wed, April 14, 2010 11:28 am

We missed you, when trying to deliver.

Please view the invoice and contact us with any questions.

We will try to deliver again the following business day.

Royal Mail.

Attachments:
Royal_Mail_Delivery_Invoice_1092817.pdf


Error in the delivery address No27118

Dear customer.

A courier did not deliver the package to your address.
Reason: ncorrect delivery address of the package.
Information about your package is attached to the letter.
Read all information carefully and come to the "Royal Mail" office to receive your package.

Thank you for attention.
Royal Mail Service.


and
Royal Mail Delivery refuse

Dear customer.

A courier did not deliver the package to your address.
Reason: The package is too large
Information about your package is attached to the letter.
Read all information carefully and come to the "Royal Mail" office to receive your package.

Thank you for using our delivery company.
Royal Mail Service.


Jess wrote:The one I got this week was:-

From:- support_id.3521@royalmail.com

Dear customer.

A courier did not deliver the package to your address.
Reason: The delivery address is wrong
Please find the attached document containing detailed information about delivery failure.
Read all information carefully and come to the "Royal Mail" office to receive your package.

Thank you.
Australia Post Service.


with attachment :- Delivery_Information#89116.zip

My virus scan says OK, but I wouldn't open it in a month of Sundays.

A customer asked me today about this email, so it must be pretty widespread.


We are discussing this in this thread if you want more information and advice...

viewtopic.php?f=1&t=39074&start=0

Re: Fake email scam warning:Update Sept 2011

24 Sep 2011, 11:31

its made the news as well viewtopic.php?f=18&t=39156

Re: Fake email scam warning:Update Sept 2011

26 Sep 2011, 21:10

Parcelforce email as well with a dodgy attachment...
Dear customer.

A courier did not deliver the package to your address.
Reason: Your address is in the stop-list of the delivery
Information about your package is attached to the letter.
Read all information carefully and come to the "Parcelforce Service" office to receive your package.

Thank you.
Parcelforce Service.

Re: Fake email scam warning:Update Sept 2011

03 Oct 2011, 11:25

DHL...
Dear customer.

Your package has been returned to the DHL office.
Reason: The delivery address is wrong
Information about your package is attached to the letter.
Read all information carefully and come to the DHL office to receive your package.

Thank you.
Customer service.

Fake email scam warning:Updated as and when.

19 Oct 2011, 12:47

http://nakedsecurity.sophos.com/2011/10 ... +Sophos%29

Image

Cybercriminals have spammed out malware, posing as an email from the Royal Mail.

The emails, which claim that a package has been returned to the Royal Mail office, pretend to come from official-sounding addresses such as customer@royalmail.com or customer_service@royalmail.com.

Opening the attached file could lead to your Windows computer being infected by a Trojan horse.

Here's a typical example of what is being spammed out:

Image

Dear customer.

A courier did not deliver the package to your address.
Reason: The package is too large
Information about your package is attached to the letter.
Read all information carefully and come to the "Royal Mail" office to receive your package.

Thank you for your attention.
Royal Mail Service.

The reason given for non-delivery of the parcel can vary. For instance, the email might claim that your address does not exist, or that the parcel is too large.

Subject lines can vary also. Here are some of the examples we have seen in our traps:

Error in the delivery address No30173
You should come to the Royal Mail office and receive a package
Track your shipment No24127
Cancellation of the package delivery
Track your parcel No9782
A package is available for reception
Get your parcel No083
Error in the delivery address No40046009
Error in the delivery address No0633376
You should come to the Royal Mail office and receive a package
Delivery Problem
Royal Mail Delivery information

The dangerous thing, of course, is the attachment. It's a ZIP file that Sophos's anti-virus products intercept as Mal/BredoZp-B and Mal/EnckPK-AAT.

(If you use a security product from another vendor, here is the MD5 hash which you can use to determine if you are protected: 6bd53a62c768f7ce8663310ed404b89c)

I have to ask myself - why are people believing these emails are from the Royal Mail in the first place? I mean, how do they think the Royal Mail got hold of their email address?

Malware attacks posing as messages from parcel delivery companies are nothing new of course - but we're more used to seeing attacks pretending to be from the likes of UPS, FedEx and DHL than the Royal Mail.

Always think before clicking on unsolicited attachments which arrive unexpectedly in your email. It's an old trick, but the reason why malicious hackers still use it is because it works.

Re: Fake email scam warning:Updated as and when.

13 Jun 2012, 17:01

UK Royal Mail <shipping.nr127@royalmail.com>
Fake Royal Mail e-mail with virus attachment

Royal Mail Notification,

We couldn’t deliver your parcel at your address.
Reason:It’s not right specified size and the weight of parcel.

LOCATION:Oklahoma City
STATUS OF YOUR ITEM: sort order
SERVICE: Expedited Shipping
NUMBER OF YOUR PARCEL:U292655027NU
INSURANCE: No

The label of your parcel is enclosed to the letter.
Print your label and show it in the nearest post office of USPS

Information in brief:
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it's keeping in the amount of $21.48 for each day of keeping over limited time.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.


Thank you for attention.
Royal Mail Customer Services.

Re: Fake email scam warning:Updated as and when.

20 Aug 2012, 20:58

TrueBlueTerrier wrote: http://nakedsecurity.sophos.com/2012/08 ... l-malware/

It's wise to be wary when it comes to unsolicited email, even when the email appears to come from a legitimate organisation.

Today we're warning internet users to be careful not to be tricked into open attachments that have been spammed out, posing as communication from the British Royal Mail.

Image

A typical email reads:

Royal Mail Group Shipment Advisory

The following 1 piece(s) have been sent via Royal Mail on Mon, 20 Aug 2012 15:43:14 +0530, REF# 5646597645

SHIPMENT CONTENTS: Documents

SHIPPER REFERENCE: PLEASE REFER TO ATTACHED FILE

ADDITIONAL MESSAGE FROM SHIPPER: PLEASE REFER TO ATTACHED FILE

Royal Mail Group Ltd 2012. All rights reserved

It should go without saying that the emails are not connected with the real Royal Mail in anyway, despite them appearing to arrive from noreply@royalmail.com and containing the Royal Mail's logo.

The cybercriminals who have distributed the attack are hoping that your curiousity will be piqued, and you will be tempted to open the attached ZIP file in the mistaken belief that a parcel is winging its way to you.

Contained within, however, is not a Royal Mail shipping advisory but a file called royal_mail_shipping.exe, detected by Sophos as the Troj/Backdr-HE Trojan horse.

The technique of disguising a malware attack as an email from a delivery company is nothing new, of course. Many internet users will be aware of the attacks we have seen in the past that have pretended to come from the likes of DHL, FedEx and USPS for example.

Chances are that a malware attack that is less likely to be as successful as those which abuse the name of global delivery companies, but there is always the danger that some people will click without thinking and have their computers infected as a result.

Re: Fake email scam warning:Updated as and when.

28 Jan 2013, 21:40

Just got one from Fed Ex...not.

fed ex.jpg


***********(random sweary word). :cuppa
You do not have the required permissions to view the files attached to this post.

Re: Fake email scam warning:Updated as and when.

29 Jan 2013, 12:52

I have been getting 3 of them everyday for about 2 weeks now - luckily never ordered anything so thought it was spam rather than a trojan.

Re: Fake email scam warning:Updated as and when.

18 Feb 2013, 10:01

i get them and ive never even signed up to e bay or any auction site

Re: Fake email scam warning:Updated as and when.

27 Aug 2013, 14:45

Scraping the barrel now.
Got one from the United States Postal Service..
That's likely. :roll:

usps.jpg


Look forward to next week's from Latvia Post. :cuppa
You do not have the required permissions to view the files attached to this post.

Re: Fake email scam warning:Updated as and when.

28 Feb 2014, 10:26

http://www.theguardian.com/money/2014/f ... royal-mail

PC users: beware of CryptoLocker malware

'Ransomware' attached to email purporting to come from Royal Mail will permanently encrypt all files on your PC


PC users are being warned to be on their guard against emails purporting to be from the Royal Mail and containing CryptoLocker, a malicious piece of software that locks computers with an unbreakable encryption.


The email states that a lost or missing package is waiting for you at your local sorting office and asks recipients to download an attachment to find out more. Those who do immediately start to install the CryptoLocker malware on to their computer, without realising what they have done.


CryptoLocker will encrypt all the data on the computer, including photos, music and personal documents, using a public key.


A message will then appear on the screen stating that all of the data is locked and can only be unlocked with a private key, which the scammers promise to hand over once the computer owner has sent them a payment.


The fraudulent Royal Mail email was discovered when a victim contacted the Action Fraud call centre. It is the second piece of malware hidden in a fake Royal Mail email that has come to light in recent months.


As a result of the scams, Royal Mail has issued advice warning members of the public that it will never include attachments in an unsolicited email, and stating that it does not email its customers asking for any personal information. It has also notified the National Fraud Intelligence Bureau.


"We encourage any customer who receives a suspicious email claiming to be from Royal Mail to contact our customer services department on 08457 740 740," a spokesperson said, adding that the company follows "robust security procedures" to protect its customers.


Anyone wishing to book a redelivery of a Royal Mail parcel can do so online at the Royal Mail website.


Scammers using CryptoLocker typically ask for ransoms of either $300 or €300, which must be sent through an anonymous pre-paid cash voucher such as MoneyPak or Ukash or the equivalent amount in Bitcoins.


If the extortionists do not receive the payment within 72 to 100 hours, victims are warned the private key will be destroyed and nobody will ever be able to recover their data.


The encryption uses publicly available, well-established algorithms developed by governments and other legitimate bodies that means it is widely seen as unbreakable. When Guardian Money warned readers about CryptoLocker ransomware in October, a spokesperson for security firm Sophos told us that "if you haven't got back up and you get hit by CryptoLocker, you may as well have dropped your PC over the side of the bridge".


Since then, it is estimated that more than 250,000 PCs have been infected and the UK's National Crime Agency has warned 10 million UK-based email users are being targeted.


Only PCs running Windows can be infected but the CryptoLocker malware can be hidden in any executable attachment or sneak on to your computer via a driveby download from a disreputable or infected website.

10 ways to beat CryptoLocker...
http://www.theguardian.com/money/2013/o ... tect-files

Re: Fake email scam warning:Updated as and when.

28 Feb 2014, 10:28

Notification

Our company’s courier couldn’t make the delivery of package.

REASON: Postal code contains an error.
LOCATION OF YOUR PARCEL: London
DELIVERY STATUS: sort order
SERVICE: One-day Shipping
NUMBER OF YOUR PARCEL: WZGMNKR97Z
FEATURES: No

Label is enclosed to the letter.
Print a label and show it at your post office.

An additional information:

If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $9.26 for each day of keeping of it.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you for using our services.
DHL Global.




--------------------------------------------------------------------------------


Viruses found in the attached files

DHL-88921772-9200-9173.zip: Virus found FakeAlert

Re: Fake email scam warning:Updated as and when.

15 Jun 2015, 13:27

Beware of Royal Mail scam emails that contain Cryptolocker

http://www.actionfraud.police.uk/beware ... cker-feb14

Fraudsters are sending out virus infected emails to victims that claim a package is waiting for them at their local sorting office.

The emails are similar to the ones we alerted to December but this time fraudsters are hoping that email recipients are waiting for a delivery and download the attachment to find out more.

One victim, who contacted our call centre, downloaded the attachment and unwittingly installed Cryptolocker on her computer. Once installed CryptoLocker works by encrypting victims personal files such as, photos, music, office documents and then demands payment.

Infected users have a time limit to send the payment. If this time elapses, the private key is destroyed, and your personal files may be lost forever.

If you receive one of these emails, do not click on any links or download any attachments and report it to us.
There are two new 2015 variations being sent by fraudsters, click here to find out more.
Advice from Royal Mail on scam emails

Royal Mail will never send an email asking for credit card numbers or other personal or confidential information.
Royal Mail will never ask customers to enter information on a page that isn’t part of the Royal Mail website.
Royal Mail will never include attachments unless the email was solicited by customer e.g. customer has contacted Royal Mail with an enquiry or has signed up for updates from Royal Mail.
Royal Mail have also stressed that they do not receive a person’s email address as part of any home shopping experience.

To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040

Previous page Next page


Page 1 of 2   1, 2