Fraudulent emails adopt many different forms and are the unauthorized actions of third parties not associated with UPS. These email messages referred to as "phishing" or "spoofing" are becoming more common and may appear legitimate by incorporating company brands, colors, or other legal disclaimers. Help protect yourself by becoming familiar with these methods of fraud:
- Spam: Often referred to as "junk mail," spam consists of email messages that are unsolicited by the recipient and that target the recipient with direct mail messages.
- Phishing: The term "phishing," as in fishing for confidential information, refers to a scam in which the sender attempts to fraudulently obtain and use personal or financial information.
Please be advised that UPS does not request payments, personal information, financial information, account numbers, IDs, passwords, or copies of invoices in an unsolicited manner through email, mail, phone, or fax or specifically in exchange for the transportation of goods or services. UPS accepts no responsibility for any costs or charges incurred as a result of fraudulent activity.
View Examples of Fraudulent Emails
Awareness and recognition of fraudulent letters, emails and phishing attempts is vital to protecting yourself against theft and other related crimes. Common indicators that an email might be fraudulent include the following:
- Design Flaws: An email containing distorted or irregularly sized logos
- Poor Grammar: Grammatical errors and excessive use of exclamation points
- Misspellings: Incorrectly spelled words or links to altered websites (For example, modifications or variations of the legitimate www.ups.com website address, such as www.unitedparcelservices.com)
- Sense of Urgency: Alarming messages requesting immediate action, such as "Your account will be suspended within 24 hours." or "Contact us immediately to claim your parcel or prize."
- Unexpected Requests: A request attempting to obtain money, financial information (e.g. bank account or payment card numbers), or personal information in exchange for the delivery of a package or other article
- Communication Gaps: An email that does not provide an alternative method for communicating the requested information (i.e. telephone, mail, or physical locations)
- Deceptive Link: A link contained within an email that appears to direct your browser to a known, safe site but actually directs your browser to another location, potentially to an unsafe or fraudulent site. You can detect this by hovering over the link with your cursor. This causes the actual destination of the link to display in a pop-up, the lower left of your status bar, or other location depending on your email client. It is suspicious if the actual destination does not match the address in the link. Also be suspicious of links containing numbers in place of letters, abbreviations, and slight misspellings in the link.
Some legitimate UPS communications may come in the form of an email with an "epackage" link contained within the email. These messages are designed to increase the protection around sensitive information, and the associated link will always start with https://ftp2.ups.com.
Fraudulent emails often appear to come from trusted sources, with the true sender revealed only through the Internet headers (not the same as the email headers). The Internet headers can be found through your email system from within the email, using various methods depending upon the email system you use. For example, in Microsoft Outlook, this is accomplished by opening the email in a separate window, clicking on the "File" tab and then choosing "Properties." The internet headers will be shown in the box at the bottom of the window.
Additonal ways to prevent email fraud:
- Never respond to or act upon emails, or select web links from any unknown source that requires you to provide, update, or verify personal, financial, or other confidential information.
- Be wary of any suspicious emails or phone calls asking for you to validate your UPS account information.
- Use a secure Internet browser.
- Do not give out your UPS.com user name or password.
- Change your password regularly.
- Create strong passwords by using a combination of letters and numbers.
- Always use up-to-date virus protection software and consider using spyware detection programs.
- Equip your computer with either a software or hardware firewall.
- Do not access confidential information at Internet cafes, public libraries, etc.
- If you are using a wireless device, be sure to follow the manufacturer's instructions on establishing the services and settings to ensure a protective level of security.
Additional information on spam or phishing can be found online at the Federal Trade Commission website.
Visit the Federal Trade Commission