WARNING: Do Not Open Email From USPS Delivery, It’s A Virus

November 7, 2011
By

I thought I could spot virus emails without much trouble.

Well I got nailed today by an email claiming that my package had been addressed incorrectly and that I should open the attachment to help reclaim the package from the post office.

I had just sold a camera on eBay and rushed to mail it after the snow storm.

So it was easy for me to imagine that I mislabeled the package.

As soon as I opened the attachment my virus protection AVAST – locked on it and cleaned it out.

Unfortunately I had sent it to the person who paid for the camera. I quickly sent him another email warning him of the spam.

This is the way it looks:

—–Original Message—–
From: U.S. Postal Service [mailto:u.s.postal.service@usps.net]
Sent: Wednesday, August 03, 2011 8:28 AM
To: george@ctwatchdog.com
Subject: USPS Delivery Failure Notification

Hello!

Unfortunately we failed to deliver the postal package you have sent on the 19th of September in time because the recipient’s address is erroneous.

Please print out the shipment label attached and collect the package at our office.

United States Postal Service

www.peopleclaim.com


Similar Posts:

Share

Tags: ,

86 Responses to WARNING: Do Not Open Email From USPS Delivery, It’s A Virus

  1. research pro on November 8, 2011 at 6:23 pm

    Just look at the email address with the .net suffix – the USUS has the .gov suffix. Easy to spot that this is fraudulent. We get too complacent – our eyes see what we expect to see. Look closely at all email, even from those you think you know.

    • George Gombossy on November 8, 2011 at 6:23 pm

      You are SO right.

    • melissa on June 1, 2012 at 3:09 pm

      I got an email from USPS.com (which is a legit address) but no attachment, mine email read….

      Notification,

      We couldn’t deliver your parcel at your address.
      Status deny/Wrong data delivery.

      LOCATION OF YOUR ITEM:St.Paul
      STATUS OF YOUR ITEM: sort order
      SERVICE: Express Shipping
      Parcel number:U329778144NU
      FEATURES: Yes

      Postal label is enclosed to the letter.
      You should print the label and show it in the nearest post office to get a parcel.

      Attention!
      If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $11.74 for each day of keeping.

      You can find the information about the procedure and conditions of parcels keeping in the nearest office.

      Thank you for your attention.
      USPS Services.

  2. Balbo on November 8, 2011 at 10:41 pm

    My husband just got hit as well. Any ideas how to fix it? The computer won’t even go beyond the screen where you pick Safe Mode.

    • George Gombossy on November 9, 2011 at 8:49 am

      I would take the computer to Staples or another national office equipment chain NOT BEST BUY

  3. Jake on November 9, 2011 at 8:50 am

    You get to format your computer Balbo. enjoy. its easy. just put in your windows install disk.

    • George Gombossy on November 9, 2011 at 8:54 am

      And if you haven’t backed everything up you have an empty hard drive

  4. Jake on November 9, 2011 at 8:51 am

    Sure, George, they also charge like $50 to just look at the thing. I’m sure if your older you must have a twenty something year old nephew or son or some relative that can do it for you in 5 minutes for free.

    • George Gombossy on November 9, 2011 at 8:55 am

      Do you know that for a fact? or you just taking a guess?

  5. Michele on November 18, 2011 at 3:11 pm

    I just got one today… I had mailed out something as well and thought I’d screwed something up. I downloaded the attachment on my mac and when I opened it, it was a bunch of gibberish. It said it needed to be opened with windows. So far I don’t see anything happening… I deleted the file that I downloaded. Anything I should do on my macbook pro?

  6. Jamie on November 19, 2011 at 10:38 am

    Same thing happened to me. It completely wiped out everything on my computer! I’m beyond ticked off right now. I’m taking mine in today to see if anything can be done. I opened it in safe mode and nothing; just the same emptiness as when I run it normally.

    • Daniel on May 26, 2012 at 8:18 am

      I am helping a client of mine that opened this virus.

      Just to let everyone who got this rootkit virus know, you have not lost ANY files. Your desktop is likely empty, and you cant see ANYTHING in the start menu, but your files are all there.

      One of the viruses you are given with this makes every file it can access hit the “hidden” attribute. You can easily get around this through:
      Folder Options – View – Show hidden files, folders, and drives.

      With this at least, you can save your important files. I am still performing a reformat on this machine despite all of the viruses being gone. IE is still hijacked, and the rootkit is still there. You can use the internet safely if you install a different browser. Good Luck!

  7. Nikole S on November 20, 2011 at 5:15 pm

    :( just sent something to japan and got that email, the date seemed correct too. I opened it up at my work computer, and BAM. virus completely wiped out my profile. Has anyone had any luck in getting it fixed???

  8. Stephanie on November 20, 2011 at 6:35 pm

    I got this and I was suspicious because I hadn’t mailed anything. The e-mail address had the .gov address so it looked totally legit. Fortunately since I hadn’t mailed anything I knew it had to be a virus and didn’t open the attachment but it concerns me that they were able to use the .gov suffix.

  9. Stephanie on November 20, 2011 at 6:36 pm

    The one I got did have the .gov suffix. I saw nothing suspicious in the e-mail address.

  10. Steve on November 20, 2011 at 9:56 pm

    Actually, it is USPS.COM, Not .GOV or .NET In fact, I just got the infected email from info@usps.gov I however didn’t get infected because I thought it was fishy seeming how I haven’t mail anything in a year and the email has an EXE file…

  11. Vic on November 23, 2011 at 8:59 am

    Hello Steve,

    I receive that mail today coz i’m expecting parcel today and it was really delayed and the due date mentioned on the email is exactly the same as my parcel i downloaded the zip file but became suspicious when i saw a lot of recipients so i google it and found out it was a scam, will the i be infected with the virus after downloading it eventhough i did not open the zipfile? so far nothing is happening on my computer. Thanks

    • Daniel on May 26, 2012 at 8:21 am

      You will be fine. The virus will only work if you ran the EXE file.

      Sadly, Windows has “View known file extensions” off by default, so most won’t even see the .exe

  12. Tsuchida on November 26, 2011 at 6:25 pm

    What I find interesting is people are opening the email attachment without wondering how USPS go ahold of their email address in the first place. My sympathy to those who have been infected. Hopefully you have been backing up your data and kept the install disks for all of your software. My policy has always been “once infected, always infected” and I do a complete harddrive wipe. Just because McAfee/Kaspersky/Norton says it has quarantined or fixed it doesn’t mean it hasn’t missed a key-logger and now the tards who wrote the virus are logging your keystrokes and getting your various account informations.

  13. Ruder on November 26, 2011 at 11:36 pm

    This one almost got me too.

    But the email mine came from is info@usps.gov

    I was expecting a package not sending one, thats the only way I wouldn’t have fallen for it.

  14. Steve on November 29, 2011 at 10:43 am

    I received the one which had the .gov extension. I didn’t think anything about it because I actually did mail something on the day it had in the email. I did put my email in to receive an electronic copy of the signature conformation so I really didn’t think twice about how they received my email address. I attempted to open the zip file but it didn’t seem to open. Nothing has happened to my computer as of yet. Should I be worried? I ran virus scan this morning and it didn’t come up with anything.

    • George Gombossy on November 29, 2011 at 11:02 am

      what kind of anti-virus program are you running? I would get a free copy of AVAST and also use that

  15. Jmorandi on November 29, 2011 at 11:50 am

    Tsuchida you’ve hit the nail on the head! HOW would the postal service, FedEx or UPS or any other delivery service, send an email to me if I didn’t give them my email when I sent the package?! We’ve become complacent and reliant upon our antivirus software. We’ve got to use common sense if we’re going to avoid being scammed or having our hard drives attacked by marauders,

  16. d_mo on December 1, 2011 at 2:53 am

    re: the “.gov” question:

    The website for the United States Postal Service is http://www.usps.COM – they don’t actually have the “.gov” suffix. The Postal Service is not technically a full government agency – they receive no tax money from the federal government (although Congress has control over them) and they’re actually semi-autonomous. It’s weird – the USPS is expected to be self-funded, yet Congress won’t even let the Service create its own cost-cutting measures, like deciding on its own which days it should deliver mail. SO strange.

    But anyway, yes, we do have to be more vigilant in what we read…

  17. Ken on December 8, 2011 at 8:46 pm

    This virus puts an hidden attribute on all folders and menus. you can look at your hard drive from another computer via a network and save the files that need to be saved. This virus hits even with Norton fully up to date. I would suggest after retrieving your files, do a total format and reload. and NEVER buy Norton Antivirus.

  18. dummy on December 28, 2011 at 12:09 pm

    wow-i got 1 of these, too. the from field just says United States Postal Service. i tried to download the attachment but luckily i couldnt. i dont remember what the error msg said when i tried to download the attachment, but it gave no indication that it was a virus. i have norton antivirus.
    i dont see how i could have told that this was some kind of scam. there was nothing flakey looking in the from field-just USPS. but my computer seems fine. i’m no computer genius, that’s for sure, and have little way of detecting a phony email by the sender’s address. and, in this case, with yahoo email, i did not have a senders address other than USPS.
    my question is-who would do this and why? does anyone ever figure out who generates these malicious viruses?
    is there anything i should do to safeguard my computer besides the antivirus thingy? as i said, i’m the antithesis of a computer whiz and probably wont understand it anyway.
    and, just to rant a little bit more and avoid doing anything remotely productive- its annoying when people imply that youre a moron if you are not proficient in the area of computers. it is a skill held by few and is mostly populated by pretenders who try to put other people down as being stupid. an extensive knowledge of computers is no indication of intelligence any more than an extensive knowledge of mollusk reproduction. so, stop trying to lord it over people when they have made an understandable mistake. [i have 2 ‘computer geniuses’ in my family, but when push comes to shove, they barely know more than i do.
    PS-i’m still waiting for a pkg from USPS that was sent after this virus thing.

  19. tharpa on January 8, 2012 at 9:05 am

    Michele: I don’t think you have anything to worry about. Like almost all viruses, this is a Windows virus, thus doesn’t affect Macs.

    Stephanie: Forging headers in an email is easy to do for those so inclined. The .gov address is not proof that it comes from the government. Indeed, many viruses look like they come from people you know.

    Vic: You should be okay since you didn’t open the attachment.

    Tsuchida: I think some of your fears are unwarranted. a) This is a destructive virus. Data-stealing viruses don’t announce their presence. b) Once a commercial virus scanner detects a virus, it’ll make sure it stops it in its tracks.

    d_mo: The postal service makes their money because they’re a government-enforced monopoly. Once the government took away Bell Telephone’s monopoly, the price of long-distance calls came down drastically. The postal service has been providing six days a week mail delivery for over two hundred years. Usually things become more efficient as time goes on, but the postal service is now claiming that it can’t do what it had been doing for centuries. Real simple: tell the USPS that if they stop six-days a week service, they’ll lose their government-enforced monopoly. Bet they’ll stop pushing for five-days a week only delivery pronto.

    dummy: One other clue I had was that the email referred to the USA Postal Service. It is the US Postal Service (USPS), not the USA Postal Service.

    Most viruses of this sort are created by teenage boys or young men, just for the challenge. Sometimes they do catch the authors, and if they’re adults they go to prison for a couple of years. Back up your data at least monthly. I agree that it doesn’t mean you’re a moron if you’re not computer savvy, though a lot of geeks seem to think so. To confuse a lack of knowledge on any particular subject with stupidity says more about the intelligence of the confused person than it does about the person with less technical experience. (And, by the way, I have an M.S. in Computer Science.)

    I’m also wondering what version of Windows Balbo and others who were affected badly have. Windows Vista and later are more secure in that to perform certain kinds of operations you need to click a special button on an administrative window that pops up. You wouldn’t expect that a simple postal label would need administrator rights, so you wouldn’t click OK on the special window.

  20. Tim on January 18, 2012 at 7:33 am

    This is clearly another case for improving public education in America. You don’t have to know anything about technology to spot the USPS notice as a hoax. Does no one in this country know how to read and write? Check it out. Would the Post Office or any other legitimate business or government entity use “Hello!” as the salutation in an official notice? It gets worse. What’s wrong with “the postal package you have sent?” Anybody? My favorite part is that the recipient’s address is “erroneous.” Go ahead and look it up. It’s not quite synonymous with “incorrect” or “wrong,” either of which would have been a better choice. Using a thousand-dollar word in place of a plain, old everyday word and using it incorrectly is the hallmark of both non-native speakers and poorly educated hucksters. If poor grammar and stilted language weren’t jarring enough to get your attention, have you ever heard the term “shipment label” before? Clue: It’s “shipping” label. If you missed all that, then there’s probably no reason to explain why “shipment label attached” should have read “attached shipping label.” If you didn’t notice the odd address and didn’t bother to read the message, or worse yet, if you did both and still opened the attachment, have you at least learned something?

  21. Sandy on January 23, 2012 at 1:02 pm

    My husband got the same thing in his email but it had said that we had the package and since we had some family sending us stuff in the mail lately he opened it. AUG caught it as soon as he opened the email, yes no download was needed all he did was open the email.
    But I have always believed to keep my computer with lots of protection, the free stuff works just as good as the ones you have to buy. {after so long of people wanting to download stuff on your computer and catching viruses teaches you to protect your system} The virus is sitting in avg right now but I haven’t found a way to delete it yet. Once I know more I’ll repost but right now I’m thinking getting a hold of a windows cd may be the best thing.

  22. Jen on January 25, 2012 at 4:56 pm

    Just got this myself. Same content, different date.

  23. Kate on January 26, 2012 at 11:04 pm

    Just got one tonight. I had mailed packages and bills on the date they listed. My mac downloaded but would not open in mac only open in my windows parallel. My parallel opened and asked to run twice but could not run the file when I clicked it, so I closed out parallel. At this point I was suspicious so I quickly went to the USPS website and saw the notice of fraud. So I quick deleted the email, the downloaded file on my mac and deleted my parallel desktop. I changed passwords galore for all my personal online accounts. So far my Mac is running fine. I have changed my firewall protection to the max on my Mac as well. Anyone know of anything else I can do to check/enhance the safety of my Mac and my personal info??

  24. Martin on February 10, 2012 at 4:25 pm

    Got the virus yesterday. I was expecting something from usps, where i did leave my email….Virus is extremly high-risk. Had to erase my drive….even with my bitdefender fully updated!!!

  25. kathy on March 22, 2012 at 3:35 pm

    I got one today in my yahoo mail. Looked fishy because the tracking number was too few numbers to be anything attached with USPS. I was a little concerned about how they got my email address and got to thinking I had signed up online to have my mail held for a week while on vacation recently and the stuff they had on the email seemed to flow along with those dates…some how this virus is being sent through their servers to people how have recently used their service and had left their email address on their site for something…also I noticed that the email actually was to another email address with me as a cc. go figure.

  26. Diver Dude on March 23, 2012 at 12:34 pm

    Ways to avoid this…

    1) Have updated Antivirus running on your system.
    2) Create a user that does not have Admin rights on your system. If you create a “Standard User” account on your system then this or any other virus will not have install rights on the PC and that will filter alot of the potenial viruses that you could get out….

  27. AnneT_NH on April 10, 2012 at 8:10 am

    Just got it in the Hotmail spam in-box today. Came through as “USPS Tracking No6345″ in the tagline. Did have the usps.com address. However, Postal Service tracking numbers are huge and complicated, and I haven’t sent anything recently anyway, so I googled it to confirm it was spam (thus finding your post). Just a heads up that it’s still floating around. (And kudos to Hotmail for flagging it, and your blog for posting the warning. Much appreciated!)

  28. Donn on April 11, 2012 at 12:13 pm

    This is the one I got. Luckily my antivirus (Webroot) picked it up right away and was able to get it out of my system.
    ———————————————-

    FROM: USPS Customer Service

    Notification,

    Courier service couldn’t make the delivery of your parcel.
    Status deny\Fee isn’t paid.

    LOCATION OF YOUR ITEM:Rancho Cucamonga
    PARCEL STATUS: not delivered
    SERVICE: One-day Shipping
    :U695761108NU
    FEATURES: Yes

    Label is enclosed to the letter.
    Print a label and show it at your post office.

    Information in brief:
    If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $5.53 for each day of keeping over limited time.

    You can find the information about the procedure and conditions of parcels keeping in the nearest office.

    Thank you for your attention.
    USPS Global.

  29. Bill Jolliffe on April 11, 2012 at 5:40 pm

    Received similar USPS scam mail today from “delivery item @usps.com” (They all seem to be a little bit different) As I am in England I was fairly confident that I didn’t have a parcel waiting for me in WICHITA so didn’t open the attachment! Did wonder though whether the real USPS are aware or interested in what is going on. It can’t be improving their reputation.

  30. Adam on April 16, 2012 at 8:52 pm

    Thanks guys for your information. I almost opened the attachment from this scam e-mail with usps name. I am glad that I looked up fist and found this web site. I received the same exact e-mail which Donn got. I have Norton 360 so I did not have any problems so far.

  31. Garry H on April 17, 2012 at 1:19 am

    Received one this morning and I am expecting a parcel from the US so it fooled me. I did think that there might have been an error as I have not heard from the seller so far confirming that the parcel has been posted. Like a dummy clicked on the attachment to find contact details but because I am a Mac use became suspicious when the zip file did open and the Mac ‘informed’ me that the file wouldn’t open because it is a exe file. Tried entering the ref no. into the USPS website without success, then found this and other message board threats outlining the same. Question – My Mac appears fine so far anybody any thoughts on whether I remain ok or not?

  32. Stephen on April 17, 2012 at 4:01 am

    Another variation of the sender, this time it came from shipping@usps.com
    The message was titled ‘Your parcel is available for pickup’
    Fortunately firewall picked it up and blocked the email.

  33. S Wright on April 17, 2012 at 4:02 am

    I have just received this mail from the following address.

    status_parcel@usps.com

    Thankfully the antivirus picked it up.

    • Kelly on April 17, 2012 at 12:25 pm

      Just got the same email from status_parcel@usps.com
      My Norton picked it up too, thank goodness!

  34. Tina on April 17, 2012 at 1:36 pm

    I just got this email, I almost opened it. Thanks WatchDog!

  35. Mark on April 17, 2012 at 2:48 pm

    I got this hoax a few days ago. McAfee caught it, cleaned the virus out, and put the e-mail in my Junk Mail folder.

    I just happened to notice it there while clearing my Junk Mail folder (of about 250 items ~~).

    Virus protection works, even when we become complacent or too busy and/or too tired to notice that we’re being spammed. Thanks McAfee.

  36. Kevin on April 17, 2012 at 10:48 pm

    Got one today but my Antivirus cought it and blocked it. Mine was from delivery.nr485@usps.com

  37. Gordon on April 19, 2012 at 4:01 am

    microsoft essentials anti-virus can quarantine or blocked that virus also which is free. Just trying to help out. I forgot to delete the zip file i downloaded and the folder but the exe there is gone and move to quarantine. do you think my laptop is infected or not. Need Help

  38. Mike on April 20, 2012 at 4:29 pm

    I just had an email from support_id931@usps.com saying I had to go and pick up my parcel, and use the attached zip file to print off the label, AVG didn’t pick anything up on it but I know better than to open random .zip or .exe files! Very strange though as I am expecting a parcel via UPS and I did click ask to be notified of changes to my delivery via email…

  39. Ash on April 23, 2012 at 6:35 am

    I received an email from shipping@usps.com yesterday but filters screened it and blocked it.

    “The label of your parcel is enclosed to the letter.
    Print your label and show it in the nearest post office of USPS

    Important information!
    If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $9.21 for each day of keeping.”

  40. Kali on April 24, 2012 at 1:01 am

    Just got the e-mail. Luckily hotmail caught it and gave me some message about how it had a virus. Googled it and found this site.

  41. Shawn on April 24, 2012 at 9:01 pm

    Got the email as well. I was waiting on a package and its late I got the email saying the address was undeliverable and to download and print this shipping label.. They got the location of the shipped package perfectly and today was supposed to be the delivery. so it was awkward. But I don’t ever open attatchements from email regardless of who it come from because I have absolutely no faith in anyone. Emails get hacked way to often. Other key notes was the fact they were going to charge me 22 dollars a day untill I went and picked up the package.. The item isn’t even worth 22 dollars. Regardless it all sounds good but at least I got to see what other people were downloading.

  42. Dustin on April 27, 2012 at 6:57 pm

    My girlfriend opened this yesterday. I managed to restore her laptop and all is working fine but I wasn’t able to restore her docs and pics. Any suggestions on how to get these back or are they gone for good?

    • George Gombossy on April 27, 2012 at 7:00 pm

      Did she have a backup of her files? If not, my guess is that she is out of luck. Was there any backups. For a few dollars she can purchase a solid state key drive that could hold all her pics and documents.

      • Dustin on April 27, 2012 at 7:05 pm

        No backups. I have been trying to work out a few problems with her computer and haven’t had a successful backup yet. Guess I should’ve worked a little faster! I was able to do a system restore to get it working again, to bad about the pics though. Thanks for your help.

        • George Gombossy on April 27, 2012 at 7:13 pm

          Dustin: my concern would be that there is a virus left hidden in the computer. I would get the free version of malware, run it, and also use microsoft’s security, also free to scan the complete drive

        • George Gombossy on April 27, 2012 at 7:15 pm

          Oh, one more thing, if she had any passwords and ids to other programs or finances accounts, i would immediately change them. new passwords should include at least one CAP letter and at least one & or %, makes it much harder to crack

          • Dustin on April 27, 2012 at 7:32 pm

            I scanned with malwarebytes and windows defender. Came up with rogue.fakeav and malware.gen.fap. I assume one or both of these came from that email. Both of us have been using the same passwords for a long time so I think it would be best for us both to change them, as I use her computer more than my own. Thanks again for your help.

          • dendy on April 28, 2012 at 12:05 am

            Even if you deleted your files when you reinstalled windows your files still have a good chance of being recovered at your local comuter store. But if you checked the option to keep your documents during the system restore, then they might just be hidden. you’ll have to do this from the run cmd command prompt and then unhide the files with “attrib” DOS command. All fails take it to your local comuter shop if you don’t know what your doing. peace!!

          • Dustin on April 28, 2012 at 4:55 pm

            All files where hidden. This is what I did to fix it.

            Start>Control Panel>Classic View>Folder Options>View>Hidden files and folders (check the “Show hidden files and folders”>Click “Apply to all Folders”>Apply>Ok

            Thanks for all the help.

  43. dendy on April 27, 2012 at 11:57 pm

    I got info@usps.com. Didn’t opened it even though i just send a parcel; how would usps have my email?? The Virus just hides your files, their not lost forever. The virus usually hides in your documents and settins (users) folder as a .exe file in appdata folder. When you or your antivirus only partialy removes it, it hides your files and corrups windows.

  44. kyle mcarthur on April 29, 2012 at 8:33 am

    Hi,

    just received same email from sup.365@usps.com, in scotland so thought it was weird. i have a macbook pro so doesn’t seem to have done anything. anyone know if affects macs??

  45. Kevin on April 29, 2012 at 10:08 am

    George, it’s suspicious that so many commenters were actually expecting a package or had just mailed something. This would suggest that USPS is infected, how else would all these people be targeted? Have you asked them about this? Of course they will deny everything but maybe a little social engineering aimed at their tech dept. might reveal some facts.

    • George Gombossy on April 29, 2012 at 10:12 am

      That Kevin, is a VERY interesting question. What does everyone think?

      • Toran on May 9, 2012 at 3:17 pm

        Must be something hacked from USPS. They are using the real site as the from address and I only reviewed it after I was tracking a package on their site.

  46. jackie on April 30, 2012 at 1:03 pm

    Hi, the virus also reached the netherlands, Ijust recieved the same mail… so dutchies be warned

  47. kathy on May 8, 2012 at 12:46 am

    I got this email earlier tonight.I can’t beleive I was dopey enough to try and open it but I am awaiting an important package and had no idea where it was coming from.
    Not only did I try to download it once, but twice. Argh, kicking self, I am smarter than this…
    When I couldn’t open it (twice), I attempted to forward it to my work laptop and it would not send it. Hmmm, brain kicked in and I immediately went to my last Restore Point and ran it, then I Googled USPS virus..and here I am!
    Oddly, the file still showed in ‘My Documents’ so I deleted it and then rebooted. All of my pics and files still seem to be intact on the computer.
    PC in question is running Windows 7, no clue if there is any security running on there ( I know…)

    Did I get lucky?

    • George Gombossy on May 8, 2012 at 8:32 am

      Iwould run walware removal it’s free

  48. T Howell on May 8, 2012 at 8:28 am

    We got it from “ship@charlotte.com”. 1st flag: the “Bcc:” was obviously from a mailing list. 2nd Flag: Lousy English. 3rd flag: clicking on the attachment led to an an Adobe file BUT with an .exe extension. Why would an Adobe file need an .exe extension? Did not compute.

  49. N on May 10, 2012 at 2:46 pm

    Just got one this morning. Did a quick search and found this site before doing anything. Thanks for posting about it!! Here’s what my email said (it was from UPSP.biz – that’s what made me double check).

    Good afternoon, Name Here

    Your parcel has arrived at the post office on 10.05.2012.
    Our Driver was unable to deliver the parcel to your address.
    To receive a parcel you must go to the nearest USPS office and
    show your postal label. Label is attached to this letter.

    Thank you for your attention.
    USPS Customer Services.

  50. Jacob Schipper on May 12, 2012 at 10:57 am

    Received following e-mail from USPS Customer Service :
    Delivery information,

    We couldn’t deliver your parcel at your address.
    Status deny\The size of parcel is exceeded.

    LOCATION OF YOUR PARCEL:Tallahassee
    PARCEL STATUS: sort order
    SERVICE: Local Pickup
    ITEM NUMBER:U514321899NU
    INSURANCE: No

    Label is enclosed to the letter.
    Print a label and show it at your post office.

    Attention!
    If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $9.97 for each day of keeping over limited time.

    You can find the information about the procedure and conditions of parcels keeping in the nearest office.

    Thank you for attention.
    USPS Global Mail.

    I responded to this e-mail by asking for more details since I was not expecting anything. This e-mail to manager@usps.com bounced: unknown e-mail address! I am using a Mac; there was attachment to this e-mail.
    What should I do; everything seems to be working fine.

  51. Jacob Schipper on May 12, 2012 at 11:02 am

    Sorry my earlier e-mail now reads …there was attachment to this e-mail.
    SHOULD READ however …there was NO attachment to this e-mail.
    Makes quite a difference!

  52. Silvia on May 14, 2012 at 11:24 pm

    Hi, I’m writing from Italy and i have just received the following email.
    Rispondi a: USPS Customer Service A: silvia.dimarino@gmail.com

    Nascondi dettagli

    Delivery information,

    Our company’s courier couldn’t make the delivery of parcel. Reason\Wrong data delivery.

    LOCATION OF YOUR ITEM:Fayetteville PARCEL STATUS: sorting SERVICE: Express Shipping Parcel number:U187588500NU FEATURES: No

    Postal label is enclosed to the letter. Print your label and show it at the post office.

    Information in brief: If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $21.35 for each day of keeping over limited time.

    You can find the information about the procedure and conditions of parcels keeping in the nearest office.

    Thank you for your attention.

  53. kim on May 21, 2012 at 12:14 pm

    I got one of these awhile back too, just opened the file a few days ago! I think someone had remote access to my computer! my camera came on and I am pretty sure someone was sharing my computer(macbook)….that’s scary, is that possible? I threw the zip attach in the trash emptied it and then turned off computer. Everything seems fine now but I’m still freaked out

  54. Gimmeawall on May 30, 2012 at 2:47 pm

    Got this on my mail too, just after I bought something in The US, delivered by UPS. I’m glad I was suspicious and googled it, so I didn’t open the corrupted file, but there’s a question : did anyone had problems after ? Other emails, advertissements, problems with credit card ? Cause if this virus “knows” i had a package from UPS, it might also knows my address, what i Ordered, etc, etc :/
    (Sorry for my English, I’m from France and my English teacher says I can’t be helped)

  55. Susan on June 9, 2012 at 9:13 pm

    I got the usps email virus too. I had AVG running and it slipped past their defenses. The first I knew something was wrong was when I tried to log in to my host after my email wouldn’t work. My ‘techy’ brother in law told me that the pop-up requesting the network password was probably routing the info to the virus home. I found out that the name of the virus was “Trojan horse Backdoor Generic15.AENI.” I can use the internet, but most passwords don’t work.
    Now it has stolen my website and my email. Still afraid to log in to PayPal or pay bills.

  56. Oliver on June 18, 2012 at 6:44 pm

    They sent me one saying they’d found a ATM card in it with 360 Thousand uros on it and if I wanted it back I would have to pay 156 for it and anyways I do not pay in uros and i didn’t even send a parcel

  57. Jonathan Hutchinson on July 12, 2012 at 6:32 am

    Okay, I am going to make a massive plead for help in the hope that someone listens!

    My dad got this email, and as I’ve been doing a lot of posting of items he incinuated it was for me, even though the email was sent to his personal address. So I did think it fishy, I’m not a moron. What I’ve learnt is I should always remember to search for the virus in the hope of a message board like this, which has confirmed my suspicions.

    So at the time, yes, I was stupid enough to download. Then, I was slow enough to run the .exe file. It had a PDF logo which I instinctively double clicked befotre realising the .exe on the far side in windows explorer. It disappeared, so I then went on to delete the folder that was downloaded. None of the items on the computer have deleted, but Norton is continually coming up with an ‘Email error’ window which has From, To and Subject. The subject is the USPS related part, with two email addresses I dont know of in from and to.

    I am sort of in limbo! Don’t know how I have been affected, or what severity of action to take! Help please!

  58. Ed on July 14, 2012 at 6:49 pm

    I got one the other day. I had made a purchase through EBAY and it was past due on the delivery date. I thought it was funny that the ebay seller would contact me off site, but whatever…

    The email said “for more info and the tracking number please download the shipping label.”

    Huh? Why would I need the shipping label?

    Anyways, antivirus caught it and would not allow me to open it.

  59. Larry on July 15, 2012 at 11:11 pm

    Got the USPS.COM “tracking” w/storage charge tonight.
    Kaspersky nailed it hard.
    All is good.

  60. Dave on July 25, 2012 at 11:25 am

    Yep got it tricked me as eBay on route. Wiped out trash/ sent/ drafts/ contacts from Outlook 2010. McAfee had no alarms and their on line assist couldn’t find anything. Simultaneously lost home age from IE too!

  61. eynaa on September 6, 2012 at 3:17 pm

    I got tricked too. Since im selling cloths. But i never deliver or order anything from us. See how stupid i am. All data in my lappy seems gone. And my husband was mad at me. I dont know how to tell him it was my fault. Haha. Why did i run that file. This virus already reach malaysia. Should i change password for my bank account? Or anything? What should i do? Sorry. Bad english.

  62. Mary on September 13, 2012 at 12:15 pm

    Use AVG free. It will clean it up

  63. Lisa on November 1, 2012 at 5:08 am

    I unfortunately opened the file and attachment. I was using my mac when I opened it, but we do have some PC’s in the house. Could the virus be on our computers? Any of them or only the one I opened it on? What should I do with my mac? It is working fine… no issues, but I am concerned about the keystroke thing. should I be? thank you for any help.

    • George Gombossy on November 1, 2012 at 8:28 am

      If you only opened on the Mac it won’t affect your pc but I would still run a malware program on your Mac to make sure it is clean

  64. Tony on November 2, 2012 at 6:03 am

    Looks like their at it again. I received this email today but became suspicious when they referenced themselves as UPS in the email. It was clearly from questions@worldwide-usps.com. Did a quick search and found this site. Keep up the good work.

  65. Larry on November 5, 2012 at 11:44 am

    I got one today. It was worldwide-usps.com. Did not open the attachment because the date they gave was off by a day that I sent the package and I though how would the post office have my email address. Since I did not give it them when I sent the package.

  66. Daphne on November 5, 2012 at 1:26 pm

    My mom got this email last night and opened it on my computer. She then downloaded the attachment, but she was unable to open and run the file since the attachment was saved as a .zip file. I’ve scanned my computer with Norton and Malwarebytes and so far my computer seems to be fine. Should I still be worried?

Leave a Reply

Your email address will not be published. Required fields are marked *