Spam Gallery–USPS Delivery Failure

The Spam Gallery is a series of posts that give examples of spam messages, explaining telltales signs of how they are spam.

image

This email is somewhat obvious, but maybe curiosity would cause some to get tricked.  Check the following:

  • The email is from the USPS, but the email address is not from usps.gov.
  • The email does not give any personal information such as name, location, or recipient.
  • The grammar in the message is very poor and there is a misuse of words to make the message sound intelligent (“erroneous” in particular).
  • No one sends attachments anymore.  All businesses will link you to their web site to download a file or a report.
  • The attachment is not a PDF, it is a zip file.  If you look in the zip file, there is an EXE file, which is clearly not a report.

Even if you did send a package on or near the date mentioned in this email, how did the USPS know your email address?  Don’t let curiosity get the better of you – wondering what the shipping label says, wondering if you can claim a package that isn’t yours.

Spam Gallery–Facebook Notification

The Spam Gallery is a series of posts that give examples of spam messages, explaining telltales signs of how they are spam.

image

This message is spoofed as a Facebook notification.  Here’s the signs of spam I see in this message:

  • I don’t know the sender.  If you are excited about getting a message from someone you don’t know, you need to learn restraint.  The name is also in all caps, which is suspicious to a small degree.
  • The message excerpt is very short and generic, hoping you will click the link for the full message.
  • Hovering over any link shows that the address will take you somewhere other than Facebook.  Even the profile image is suspect.  Luckily, Outlook blocked all the images. 
  • Notice the notification date.  Now look at the email send date.  The spammer tried to make it seem like the notification had been sent right away, but the spammer is in another time zone, which made for a large gap in the time sent vs. the notification time.

Always check the links in an email before even downloading the images.  If you don’t recognize the name, don’t assume it’s someone trying to be friendly.

Spam Gallery–LinkedIn Notification

The Spam Gallery is a series of posts that give examples of spam messages, explaining telltales signs of how they are spam.

image

Being a member of Linkedin, this one made me pause.  I don’t recognize the name, so my assumption is that it is a tech recruiter, which I wouldn’t really want to deal with anyway.  Everything looks pretty legit about this message except for the links.  If you mouse over them, they show that they will redirect you to a site that is not LinkedIn.  All three of the links in the message go to the same address.  The address in this particular case had the word “terrorize” in it.  Probably a good indication of the anticipated result. 

Always check the address of the links in a message before clicking them.  They should have the company name in them.

Spam Gallery–Your Flight Order

The Spam Gallery is a series of posts that give examples of spam messages, explaining telltales signs of how they are spam.

image

My first thought on getting this message was “What flight?”  Then you have the usual signs of spam including:

  • Being addressed generically (“Dear Customer”)
  • Not having a departing airport, because it would be too obvious if it didn’t match my home location
  • Having the FROM address be from my own domain as if I’m sending it to myself, but can be really convincing if it is a corporate email domain.
  • Having a ridiculous airline name (“Airlines America” instead of “American Airlines”)
  • The body of the email is not consistent with an email that has been forwarded and replied to.  There are no other parts in the body with other recipient’s header information.

Even if you are curious, do not click the link.  There is nothing interesting to be seen.