This morning I received an email from “Do_Not_Reply” with a subject of FedEx® Tracking. This is what the body looked like…
Your package has been successfully delivered.
FedEx Courier Services, LLC
The contents o f this e-mail message and any attachments are intended solely for the addressee(s) named in this message. This communication is intended to be and to remain confidential and may be subject to applicable attorney/client and/or work product privileges. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and its attachments. Do not deliver, distribute or copy this message and/or any attachments and if you are not the intended recipient, do not disclose the contents or take any action in reliance upon the information contained in this communication or any attachments.
Please do not respond to this message. This email was sent from an unattended mailbox. This report was generated at approximately 8:08 AM CDT on 05/31/2017.
All weights are estimated.
To track the latest status of your shipment, click on the tracking number above.
Standard transit is the date and time the package is scheduled to be delivered by, based on the selected service, destination and ship date. Limitations and exceptions may apply. Please see the FedEx Service Guide for terms and conditions of service, including the FedEx Money-Back Guarantee, or contact your FedEx Customer Support representative.
Thank you for your business.
The word “Tracking” was a hyperlink (which I removed in this post for your protection). Upon further investigation I found that the link would take you to a web site that was http://susan-hotel.com… Which is a hotel near the coast of Turkey. I don’t know but I would suspect that FedEx does not have offices in a hotel in Turkey. If you follow the link it then forwards you to a login screen and all you have to do is fill in your password. DO NOT DO IT!!!
This is a process called “harvesting” passwords and the person doing it can then sell the email addresses and passwords to any number of other people on the black web and they can then use this information to break in to your accounts. Just one more way for bad people to scam you. Bottom line, never follow a link in an email to a page that asks for more information. At first look, I counted 5 clues that this was a scam and there are probably more.
If you have more question or ever worry that something is not safe, we are always available to help at 260-242-5112.