USPS SHipping Label Scam?

Factual Questions
1

This morning I got not 1 but TWO emails claiming to be from the USPS for shipping labels I had ‘ordered’:

Acct #: 4389217

Dear client:

This is an email confirmation for your order of 2 online shipping label(s) with postage. Your credit card will be charged the following amount:

Transaction ID: #6938561
Print Date/Time: 03/12/2012 02:30 AM CST
Postage Amount: $26.80
Credit Card Number: XXXX XXXX XXXX XXXX

Priority Mail Regional Rate Box B # 2268 6119� 6754� 4704� 4363� (Sequence Number 1 of 1)

If you need further information, please log on to Print Shipping Label Redirect Page and go to your Shipping History or visit our Frequently Asked Questions .

You can refund your unused postage labels up to 14 days after the issue date by logging on to your Click-N-Ship Account.

Thank you for choosing the United States Postal Service

Click-N-Ship: The Online Shipping Solution

Click-N-Ship has just made on line shipping with the USPS even better.

New Enhanced International Label and Customs Form: Updated Look and Easy to Use!

This is an automatically generated message. Please do not respond
and:

Acct #: 2569864

Dear client:

This is an email confirmation for your order of 3 online shipping label(s) with postage. We will charge you the following amount:

Transaction ID: #5802634
Print Date/Time: 03/10/2012 02:30 AM CST
Postage Amount: $20.91
Credit Card Number: XXXX XXXX XXXX XXXX

Priority Mail Regional Rate Box B # 5114 2033 3295 1909 3214 (Sequence Number 1 of 1)

If you need further assistance, please log on to Print Shipping Label Redirect Page and go to your Shipping History or visit our Frequently Asked Questions .

Refunds for unused postage-paid labels can be requested online up to 14 days after the print date by logging on to your Click-N-Ship Account.

Thank you for choosing the United States Postal Service

Click-N-Ship: The Online Shipping Solution

Click-N-Ship has just made on line shipping with the USPS even better.

New Enhanced International Label and Customs Form: Updated Look and Easy to Use!

This is a post-only message
The second one was sent to multiple people. Now… I KNOW I haven’t ordered any shipping labels, and they aren’t even showing the last 4 digits of the credit card #, so I’m not really worried about being charged, and I damn sure didn’t click on their links, but is this a new scam going around? Anyone have any info on it?

2

I got a few of those too. If you look at the ULR in the email itself it doesn’t go to USPS.com. I just forwarded them to the spam@uspis.gov address.

One was particularly insidious. For our business, I keep a commerce email account–any store or service that needs an email address gets that one. They also cc’d Mrs. Devil’s work email. CCing the right people is usually a (very) mild sign of non-spam. This one could have caught me had I been just a little more sleepy.

There’s also an alert on the USPS home page about “bogus delivery messages.”

3

Ah, their wording is so close…

I just looked at a real one for a package I sent last month. They don’t say “Dear client” but instead, it was addressed to “Dear The combined name I put on the box for the return address” ie: something like “Dear IKE & TINA TURNER:”

4

I wish I hadn’t deleted them, I would have forwarded them to the spam link.

I was mainly just curious as to if anyone else was getting them; after posting I googled it and got quite a few hits, so evidently they are out & about.

5

Rhythmdvl, if you still have a copy of the email do you mind sending me the URLs in a PM?

6

Done. Of course, don’t click on the link.
(Nor pee on the electric fence.)

7

No problem about deleting them. You’ll probably get more anyway from time to time. Yes, these have been going around. I get a few a month.

When the SAME e-mail, including any supposedly identifying numbers, is sent to a bunch of people at once, like you say, then you KNOW for damn sure that it’s gotta be bogus. A legitimate message would never have the same account number sent to a lot of people. I get a lot of those.

I trust you know the trick of pointing your mouse at any of the links, and the browser will show you in the message bar at the bottom what the link REALLY says.

Another one I’ve been seeing a lot lately is something that looks sorta like a friend request notice, not from Facebook, but from a place called “Tagged”. I’m getting a handful of those every day recently, in each of several e-mail accounts. Each one has about six links I can click to do various things, like “accept”, “deny”, “more info”, “unsubscribe”, and some others. They ALL point to the same very obviously bogus place.

8

No, I DIDN’T know I could point my mouse at the link and see where it really goes! Man, do I feel dumb! Will try that next time! Thank you!!

9

You can try it out right now, without waiting for the next mal-mail. Just go to ANY web page. (The one you are reading RIGHT NOW will do!) Find any clickable link anywhere on the page. Point your mouse at it, and you will see the actual URL that it will take you too!

Here is an example you can try right now. (It’s a safe site. Covered_In_Bees went there a few days ago and called it awesome.)

Now, here is how scammers will try to fool you: What you see on your screen could be anything! just like that phrase “Here is an example” just above. So they could have a link that goes to some evil URL place, but make it look like some different legitimate link!

Here’s an example of that: http://www.crayola.com/ See, it looks like it should go to the crayola web site, but it really just goes to the same place that my first link goes. That’s how spammers and scammers will try to trick you into clicking on dangerous links.

Just hover your mouse over any of the above links to see where they really go.

ETA: This also works with most push-buttons you see and some other things you can click on, but not all of them.