Warning: Fake package-tracking email may have a nasty malware surprise

Written by |

‘Tis the season for online shopping, which means more people than usual are expecting packages in the mail leading up to Christmas.

That gives the criminals ample opportunity to lure you in with fake package-tracking emails that can load malware onto your computer, phone or tablet.

RELATED: The best and worst charities for your donations

Be on the alert for fake shipping notifications

Here on Team Clark, we’re again seeing an uptick in the number of fake package-tracking notifications being sent to people in time for the holidays.

Team member Sally recently received the following bogus emails in her inbox:

FedEx scam


“It was easy for me to spot this as a scam because I have not ordered anything from [these companies],” Sally said. “Also, the sender’s email addresses on both examples are clearly untrustworthy.”

That’s a great observation on Sally’s part; both [email protected] and [email protected] are oddball addresses.

The latter is registered in the European Union. You have to ask yourself why Sally would be getting an email about a domestic package — that she didn’t order in the first place — from an international division of FedEx!


So one key line of your defense against this common scam should be to check the sender addresses on these kinds of emails.

Because let’s face it: The criminals do a great job of getting the look, feel and even the logo of these companies down pat!

In fact, when you consider how real these emails look, it’s no surprise that so many people are duped. They will fall prey, click on the link in the email and wind up downloading malware to their device. It’s that malware that can leak sensitive financial info to criminals located who knows where.

So the best rule of all is this:

If you receive an email you weren’t expecting, do not click on any links inside the email. If you are expecting a package, go directly to the carrier or retailer’s own website (UPS, FedEx, Walmart, Amazon, etc.) to get any delivery information you supposedly need to know.

Here are a couple of other common tip-offs that can alert you to the fact that the package-tracking notifications showing up in your inbox are bogus:

A very loose command of the English language: We all know by now that phishing emails are notorious for their bad grammar and misspellings. Of course, if a suspicious email doesn’t have any typos that doesn’t mean it’s legitimate by any means! Rather, you should think of the spelling/grammar test as a red light to alert you to suspected criminal phishing, rather than a green light to let you know the email is truly legit.

Notifications that are general in nature and don’t use your name – If you’re not mentioned by name, that’s a sign the criminals are playing a numbers game blasting these emails out to as many people as possible. If they’re able to steal money from even a handful of those people, that’s a win for them. Don’t become a statistic!

Welcome bonuses can be a great way to boost the value of a credit card. Best Credit Card Sign-up Bonuses for 2023 - If you're in the market for a new credit card in 2023, you may be hoping to cash in on the hundreds of dollars in sign-up bonuses offered to new customers. Welcome bonuses and offers are a marketing tool that…
The best cell phone plans include Tello, Mint Mobile, Visible, T-Mobile, Consumer Cellular and more Best Cell Phone Plans in 2023: The Cheapest Plan for Every Need - Team Clark ranks the best cell phone plans and deals! See our favorites for unlimited data, families and cheap plans starting at $10/month.
Clark Deals