Fraudulent e-mails adopt many different forms and are the unauthorised actions of third parties not associated with UPS. These e-mail messages referred to as "phishing" or "spoofing" are becoming more common and may appear legitimate by incorporating company brands, colours, or other legal disclaimers. Help protect yourself by becoming familiar with these methods of fraud:
- Spam: Often referred to as "junk mail," spam consists of e-mail messages that are unsolicited by the recipient and that target the recipient with direct mail messages.
- Phishing: The term "phishing," as in fishing for confidential information, refers to a scam in which the sender attempts to fraudulently obtain and use personal or financial information.
Please be advised that UPS does not request payments, personal information, financial information, account numbers, IDs, passwords, or copies of invoices in an unsolicited manner through e-mail, mail, phone, or fax or specifically in exchange for the transportation of goods or services. UPS accepts no responsibility for any costs or charges incurred as a result of fraudulent activity.
View Examples of Fraudulent Emails
Awareness and recognition of fraudulent letters, e-mails and phishing attempts is vital to protecting yourself against theft and other related crimes. Common indicators that an e-mail might be fraudulent include the following:
- Design Flaws: An e-mail containing distorted or irregularly sized logos
- Poor Grammar: Grammatical errors and excessive use of exclamation points
- Misspellings: Incorrectly spelled words or links to altered websites (For example, modifications or variations of the legitimate www.ups.com website address, such as www.unitedparcelservices.com)
Note: UPS sends legitimate e-mail from several URLs, including ups.com and upsemail.com.
- Sense of Urgency: Alarming messages requesting immediate action, such as "Your account will be suspended within 24 hours." or "Contact us immediately to claim your parcel or prize."
- Unexpected Requests: A request attempting to obtain money, financial information (e.g. bank account or payment card numbers), or personal information in exchange for the delivery of a package or other article
- Communication Gaps: An e-mail that does not provide an alternative method for communicating the requested information (i.e. telephone, mail, or physical locations)
- Deceptive Link: A link contained within an e-mail that appears to direct your browser to a known, safe site but actually directs your browser to another location, potentially to an unsafe or fraudulent site. You can detect this by hovering over the link with your cursor. This causes the actual destination of the link to display in a pop-up, the lower left of your status bar, or other location depending on your e-mail client. It is suspicious if the actual destination does not match the address in the link. Also be suspicious of links containing numbers in place of letters, abbreviations, and slight misspellings in the link.
Some legitimate UPS communications may come in the form of an e-mail with an "epackage" link contained within the e-mail. These messages are designed to increase the protection around sensitive information, and the associated link will always start with https://ftp2.ups.com.
Fraudulent e-mails often appear to come from trusted sources, with the true sender revealed only through the Internet headers (not the same as the email headers). The Internet headers can be found through your e-mail system from within the e-mail, using various methods depending upon the e-mail system you use. For example, in Microsoft Outlook, this is accomplished by opening the e-mail in a separate window, clicking on the ‘File’ tab and then choosing ‘Properties’. The internet headers will be shown in the box at the bottom of the window.