Don't Be Fooled; Fake Postal Deliveries Look Real

November 08, 2012

The tag has everything on it – USPS logo, UPC bar code, correct spelling good grammar, and a click through.

"Unfortunately we failed to deliver the postal package you have sent on the 27th of October in time, because the recipient's address is erroneous. Please go to the nearest UPS office ..." it states.

What? Wasn't his from the USPS?

Boise resident Nancy Hansen's reaction was completely accurate. "We do send package through USPS and through UPS, but we did not send one on the 27th."

The email address suggests that if you have questions, write to On examination, the email is "" There's an extra 'u.' When a internet search is done, it redirects to the which is the real United States Postal Service. Email is undeliverable to the address.

"I'm assuming if I'd clicked on the 'print shipping label' button, it would have allowed access to my computer," she asked when she called BBB.

A quick call to the local UPS store, prompted this response: "We do not recognize this type of label, so we suggest that you contact the local UPS HUB at 116 N 42nd st [Boise], or call the main post office and give them the label number which is the very long number at the bottom of the label to see if it is valid."

The label has 30 digits on the UPC bar code is too long for anything the USPS uses, Postal Inspectors told BBB.

This is a SCAM email!

Some postal customers are receiving fictitious emails about a package delivery or online postage charge.  The emails contain a link or an attachment that, when opened, installs a malicious virus that can steal personal information from your PC.

"The e-mail claims to be from the U.S. Postal Service and contains fraudulent information about an attempted or intercepted package delivery or postage charge. In the e-mail, you are instructed to click on a link, open an attachment or print a label," the statement reads.

But Postal Inspectors warn: Do not click on the link or open the attachment!

This is a phishing scam.

Phishing attacks use phone, fax, mail, email or malicious websites to solicit personal information by posing as a trustworthy organization.

BBB reminds:

•DO NOT give sensitive information – personal or financial – to anyone unless you are sure they are indeed who they claim to be.
•DO NOT give access to electronic information – via unknown links,  emails or advertising.

For routine SPAM (i.e. advertisements, commercial content, social media) the best course of action is to simply delete the message.