After yesterday’s post about a virus/malware laden email from eFax, it now seems that there’s also one supposedly from Royal Mail being sent out informing you that a parcel is either lost or missing with UK Customs and Border Protection.
This one’s much the same except this time , rather than a fax being contained in the attached .zip file, there are important documents that you need to fill in with information in order for them to process this any further, when actually like yesterday its a .pdf.exe file, that’s relying on you clicking on it and running the payload that will infect your PC with the hackers/phishers malware/exploit/virus.
As is the case with any suspicious emails, I recommend that you don’t open any attachments and just delete it, ensuring that you also empty your deleted folder in Outlook as well
Here’s what Royal Mail say on their website about these spam emails :
“Royal Mail has been alerted to an email incorrectly claiming to be from Royal Mail and stating Lost/Missing package and claiming we are holding an item for the customer. It asks the person to fill in documentation. However, the attachment has a malicious virus and we are encouraging people not to open it.
Royal Mail abhors any activity which seeks to use our name to defraud people and treats such incidents extremely seriously. When we are made aware of fraudulent activity, Royal Mail’s security team has robust procedures in place to take the necessary steps to protect our customers.
Royal Mail’s security team has taken the appropriate action to protect our customers. We have notified the National Fraud Intelligence Bureau, which is responsible for collating information on such incidents and wherever possible disrupting the activity of fraudsters. Our customer service teams are advising customers not to open the attachment on the email.
We would also like to stress that:
• We will never send an email asking for credit card numbers or other personal or confidential information. • We will never ask customers to enter information on a page that isn’t part of the Royal Mail website. • We will never include attachments unless the email was solicited by customer and sent from a recognised member of Royal Mail staff.”
If you’re not expecting it and you don’t know who it’s from I tend to google the email details and then delete, better safe then sorry.