Spam and phishing attempts that claim to be from the USPS have always been popular. It makes sense. People trust USPS and use the service to send millions of packages daily. Shipping notices sent from them by email are common. That’s why spoofed email that claims to be about USPS shipment can be so deadly to an organization with unfiltered email. Not only will most employees gleefully open the mail, they also will be extremely likely to click on the attachment. If they do, it could be LIGHTS OUT for network security and data integrity.
This specimen received by our honeypot has the following characteristics.
Subject: USPS Shipment Info for 1954 9900 8879 4713 2258 4304
Attachment: USPS-ShipmentInfo-ID-8346-2817-3762-9074…3-38.zip
Message Body:
This is a post-only message. Please do not respond.
Someone has requested that you receive a Track & Confirm update, as shown below.
Track & Confirm e-mail update information provided by the U.S. Postal Service.
Label Number: 0989 8640 2193 0753 1672 6111
Service Type: Priority Mail Delivery Confirmation
Shipment Activity - Please refer to attached report for full detailes
Electronic Shipping 03/15/2012
Info ReceivedReminder: Track & Confirm by email
Date of email request: 03/07/2012
Future activity will continue to be emailed for up to 2 weeks from the Date of Request shown above. If you need to initiate the Track & Confirm by email process again at the end of the 2 weeks, please do so at the USPS Track & Confirm web site at http://www.usps.com/shipping/trackandconfirm.htm
USPS has not verified the validity of any email addresses submitted via its online Track & Confirm tool.
For more information, or if you have additional questions on Track & Confirm services and features, please visit the Frequently Asked Questions (FAQs) section of our Track & Confirm site at http://www.usps.com/shipping/trackandconfirmfaqs.htm
1 Express Mail service commitments are based on drop-off times. See Retail Associate or USPS.com Ž for details.
2 Some restrictions apply.
3 Go to usps.com/pickup for details.Š2012 United States Postal ServiceŽ. All Rights Reserved.
The Eagle Logo and the trade dress of USPSŽ Packaging are among the many trademarks of the U.S. Postal ServiceŽ.Privacy Notice : For more information regarding our privacy policies, visit usps.com/privacypolicy
Solution: Definitely do not open the attachment! Delete the email and make sure to install cloud-based email security in order to ensure this doesn’t happen again. Spoofed email like this is easy to detect and remove.
To learn more about how SaaS Email Security services can help your business, be sure to sign up for a free Email Security Whitepaper today!
Thanks for stopping by. By the way, if you did receive this email, what email host were you using? You don’t have to be specific, but let us know if you’re receiving this at a corporate address or a free email provider.