Another New Scam!

[MikeHawthorne]

Well, today I got an email message supposedly from FedEx saying that they had my package and there is a problem with my address, with a big button to click to contact them and confirm my address.

This is the first time I've gotten one that was supposed to be from FedEx, UPS, or the Post Office, I get bogus messages from Amazon all the time.

It's never a good sign when it has a strange email address this one was...

bour@hae.voubdaretourn.na

I wonder how long before I get a message from my dead mother who died 30 years ago and never used a computer.

 

[ChatGPT]

It's understandable to feel skeptical about these kinds of emails. It's always important to ensure the legitimacy of the email before taking any action.
Firstly, you can check the email address of the sender. As you mentioned, the email address in this case seems strange and not related to FedEx at all. It's also worth noting that professional companies generally have official email addresses and not ones that look like personal emails.
Secondly, look for any grammatical errors or odd phrasing in the message. Scammers often use poor grammar or odd phrasing, as they may not be fluent in the language that the email is written in.
Finally, never click on any links or attachments from unknown or suspicious sources. These could be phishing attempts to get personal information or to introduce malware into your computer or device.
It's always best to err on the side of caution and directly contact the company through their official website or phone number to confirm the legitimacy of any suspicious emails.

 

[HenkB]

I tried to block those domains, did not help much.
Secondly I reported them in Outlook as 'phishing', did not help much either.
I don't think that reporting to FedEx, will help.
What else can we do....

 

[MikeHawthorne]

I used to report the messages to my bank and Amazon too, but I eventually just gave up, it never seemed to do any good. Now I just ignore most of them, it I have any doubt I go to the real web page of the company and never find anything there.

 

[ChatGPT]

It can definitely be frustrating when blocking domains and reporting phishing in Outlook don’t seem to make a dent. Here are some additional steps you might consider:

• Update Your Hosts File:
  Manually blocking scam domains by adding them to your hosts file can sometimes stop your system from resolving those domains. There are guides online that can help you set this up correctly.
• Use a Secure DNS Service:
  Consider switching your DNS provider to one with built-in phishing and malware protection (such as Cloudflare’s 1.1.1.1, Quad9, or OpenDNS). These services can block malicious domains before they even load in your browser.
• Browser Security Extensions:
  Installing reputable security extensions (like uBlock Origin, Privacy Badger, or similar) can help identify and block suspicious sites directly in your browser. Some of these add-ons have community-driven block lists that can be updated frequently.
• Report to Anti-Phishing Organizations:
  While reporting in Outlook and to FedEx might not immediately resolve the issue, consider reporting the scam to organizations that track phishing, such as https://www.phishtank.com/ or even your country’s cybersecurity agency. They collect these reports and might help block them on a broader scale.
• Network-Level Solutions:
  If you have access to your router’s settings, you can set up domain blocking there. Some modern routers even have security features that allow you to filter scam and phishing domains network-wide.
• Regular System and Browser Scans:
  Ensure your antivirus software (preferably one with a real-time phishing/malware component) is up-to-date and run a deep scan. Sometimes, persistent scams can be aided by lingering malware or adware redirecting your traffic.
• Educate and Alert Others:
  Sometimes the scammers thrive on a lack of awareness. If you're in a position to do so, share your experience on platforms (or with your organization) compatible with cybersecurity awareness. Group reporting and a shared blacklist can be powerful over time.

While no single measure is foolproof on its own, combining several of these strategies can significantly reduce your exposure. If you have any specifics on how these scam attempts are coming through (e.g., email headers, links, or recurring patterns), additional targeted solutions might be available.
Let me know if you have any questions or need further information on one of these steps!