Publications

Scammers’ delivery service: exclusively dangerous

Table of Contents

Well-known companies and brands are favorite targets for fraudsters. After all, it is much easier to get people’s attention with the use of a popular name, so scammers have more chance of trapping a gullible user.

In this article, we will analyze phishing and malicious emails sent by fraudsters that claim to come from international delivery services. The most popular of these are DHL (Germany), FedEx and United Parcel Service (USA), TNT (Netherlands). All of these companies are international, with millions of customers using branches in major countries all over the world. They provide similar services, so scammers use the same methods and techniques in their fraudulent mails.

The phishers’ goals include:

  1. Theft of confidential data (bank card credentials, logins and passwords from personal accounts), mainly with the help of fake web pages imitating official pages of the site. In a phishing attack users provides the fraudsters with their personal data by filling the fields on fake sites or sending them via email.
  2. Installing various malicious programs on users’ computers. These programs are used not only to monitor user online activity and steal personal information, but also to organize botnets to distribute spam and launch DDoS attacks.

Headings of fraudulent emails

The From field

Structurally, the  address in the From field looks like this: Sender Name . To confuse recipients, scammers can change parts of the address and often make it look very similar to an official address of the delivery service.

There are several groups of email addresses seen in fraudulent emails:

  1. Email addresses which closely resemble companies’ legitimate public addresses. Generally, they use the name of the company (DHL INC, TNT COURIER SERVICE, Fedex, etc.) as the sender name. The name of the mailbox often includes the words info, service, noreply, mail, support which are typical of email addresses used to send official notifications. The server domain name often has a real or very plausible company domain.
  2. FraudShipment_1

  3. Addresses which do not resemble legitimate company addresses. The sender name still reflects the company name (FedEx, DHL Service, FedEx.com) but the domain name usually belongs to a free email service or an absolutely different company. The email address could be taken from a real user (taken from public sources or hacked mailboxes) or automatically generated addresses. The latter usually appear as a random sequence of letters, words and numbers.
  4. FraudShipment_2

  5. Addresses that resemble e-mail addresses of company employees. The sender name may contain the name and surname of a supposed employee, or the company name, or a position (courier, manager, etc). The name of the email box usually contains the same name and surname as the sender name because any difference in the data may alert the recipient to a fraudulent email. Either the real company domain or other domains not related to delivery companies might be used as a domain name.
  6. FraudShipment_3

  7. Addresses which only indicate the sender’s address without a name.
  8. FraudShipment_4

While analyzing sender address, remember that scammers do not need to hack the company servers to use the real company domain in the From field. They can simply insert the necessary domain name of the server into the From field.

The Subject field

The subject of the fraudulent mail should capture the imagination of recipients and encourage them to open the message, but it also needs to be plausible. Therefore spammers choose common phrases typical of official notifications from delivery services. After sending a parcel or a document, customers worry about its successful delivery and try to follow its progress by reading any notification from a delivery service.

The most popular subjects are:

  1.  Subjects related to the delivery/shipment (shipment notifications, delivery status, shipping confirmation, shipment documents, delivery information, etc.).
  2. Examples:

    FraudShipment_5

  3. Subjects related to tracking shipments, order information and invoices (the tracking number of the shipment, tracking the shipment, etc.).
  4. Examples:

    FraudShipment_6

  5. Subjects related to notifications about messages and accounts (creation and confirmation of accounts, new messages, etc.).
  6. FraudShipment_7

The design of the email

Scammers pay special attention to the design of the email. Their main goal is to make message as believable as possible. After all, if it looks suspicious, a potential victim will most likely delete it despite the attractive subject and plausible sender address. Let’s analyze the basic techniques that fraudsters use to make emails look legitimate.

Graphic design

All major international companies have their own corporate style, including wordmarks, graphic trademarks, corporate fonts, slogans and color schemes. These are used on the official website, in mailings and commercials, and in other design components. Scammers use at least some of these elements when designing fraudulent emails to make them look convincing. Usually phishers focus on logos because these elements are unique to each company and is an immediate identifying mark.

Examples of DHL company logos used in fraudulent emails.

FraudShipment_8

Let’s take a closer look at these examples. It’s immediately obvious that the second example is very different from the company’s official logo. Another sign of a forgery is the difference in size between the false logo and the original, as seen in the fourth example where the logo takes almost a third of the message. Here the plan is probably to attract the reader’s attention with a large bright picture rather than plain text. That also explains why the phishing links appear in a larger font: users should respond to it immediately, without trying to read the small print.

In the first example, the scammers are trying to copy the design from the official site (a very popular method). However the logo is placed on the right-hand side rather than on the left. Also they are using a color blend for the logo background rather than making it single-color. The logo in the third example most closely imitates the original DHL logo: the scammers have tried to match its size and design. It’s not really all that difficult to make a logo for a fake notification: there are plenty of versions of the original image available online in several formats, including vector graphics. In addition to the logo the fraudsters use the color spectrum chosen by the company in its official resources and mailings. For example, for DHL it is a combination of yellow and red.

The text design

In most official emails we find a number of set phrases, especially when it comes to standard notifications generated and sent automatically. These messages often include contacts and links to the official resources of the sender. Therefore, to make the text of the fake email look like an original notification from a delivery service the fraudsters use:

  1. Standard phrases typical of official mass mailings: Please do not reply to this email, This is automatically generated email, please do not reply, All rights reserved, Diese Versendung ist automatisch, Bitte beantworten Sie diese nicht, This communication contains proprietary information and may be confidential. Questo e’ un email automatico, Si prega di non rispondere, etc.
  2. FraudShipment_9

  3. Links to the official page of the company. Not all links contained in the fraudulent email are phishing – spammers may also use the links which really lead to the official resources on order to make their emails look legitimate and bypass spam filtering.
  4. FraudShipment_10

  5. Contact for feedback. The fraudsters often indicate the contact information of the sender or the company (name, surname, position, office address). These contacts might be real or fictitious.
  6. FraudShipment_11

The content of the email

When fraudsters send out fake emails convincing readers that it is a real message is only part of the battle. The next step is to persuade the potential victim to do what the scammer requires, such as providing personal information or installing a malicious file. This is where psychology comes into play, and the email content is the main tool.

In fraudulent notifications allegedly sent on behalf of delivery services often use the following tricks:

  1. Notifications of various problems (eg. unsuccessful delivery, lack of information, wrong address, no recipient at the delivery address). These phrases are usually related to the delivery since the companies in question are in the service sector. Therefore, a logistics company warning of a problem with a delivery doesn’t prompt any suspicion, especially if the email contains some details of the situation.
  2. FraudShipment_12

  3. A demand to do something or face some consequence. For example, “collect your parcel within 5 days otherwise it will be returned to the sender”.
  4. The scammers use deadlines like this to make recipients react immediately. The phishers hope that users will be so worried about losing the parcel or paying extra costs that they won’t hesitate to provide personal details or open a suspicious attachment.

    FraudShipment_13

  5. Phrases about the content of an attachment or link (invoices, detailed information, documents).
  6. Users are unlikely to open unknown attachments or follow unknown links. That’s why scammers imitate official websites and present malware as a document with information a parcel. In addition, if the text of the notification states that the attachment contains, for example, a consignment document, the malicious archive will have a similar name, such as “consignment.zip.” This applies to phishing links as well – scammers name their links with an appropriate phrase from the text, such as “shipping information”.

    This simple trick is intended to reassure recipients that the attachment or link is perfectly legitimate.

    FraudShipment_14

  7. Phrases about the need to do something (follow a link, open an attachment, print out a file, etc.).
  8. Assuming the fraudsters have convinced the recipients that the email is real, the next step is to tell the victims how to solve their problems. Fulfilling these instructions is the ultimate goal of the fraudulent email. Here it is important for the scammers not just to tell recipients what they need to do, but to make them understand correctly what is written in the message. To avoid any misunderstanding on the part of the recipients, messages often contains detailed instructions about what to do.

    FraudShipment_15

How the text might change

Cheating the user is not the only thing scammers have to do. They also need to bypass spam filters and deliver the email to the email boxes of potential victims. One of the most popular and long-used methods to bypass filtering is to change text fragments within the email. Modern programs designed to send out spam messages include ample opportunities to generate multiple changes in the text. The text of a message which varies from email to email makes the email unique, while different personal information specified within one mailing (such as the number of the shipment, the form of the address, the dates) helps to convince recipients that the email is intended for them. In addition, the fraudsters can send out emails designed in the same style for several months – they only need to change some elements in the text.

Fraudulent notifications from delivery services can change:

  1. The information about the order/shipment, including the tracking number of the shipment, delivery dates, etc.)
  2. Contact details, sender names and company names. Some mass mailings provide an e-mail address or a phone number of a company representative for feedback. This particular data changes from email to email. In addition, names of company representatives and even company names themselves may also vary.
  3. The name of the attachment. It mainly refers to malicious attachments which names vary in messages within one mass mailing while these different names hide one and the same malicious program.
  4. Links. In phishing emails and emails with malicious attachments scammers often specifically change the addresses of the links, masking them with the help of different URL shorteners. Most of these links are quickly blocked by current antivirus programs.
  5. Phrases indicating numbers and dates. These can refer to timetables (days, hours), sums of money and dates (day and month)
  6. The greeting. Here spammers generally use the email address and/or the name of the recipient. Sometimes they use generic expressions (Dear client, Dear customer, etc.) instead.
  7. Other text fragments. Some words are replaced with other phrases that have a similar meaning so the general sense of the sentence remains unchanged.

Let’s analyze some examples of changes in the text of fraudulent emails.

FraudShipment_16

Below are some emails from yet another mass mailing.

FraudShipment_17

Fake pages

To steal personal information from users, scammers create phishing HTML pages which partially or completely copy the official website of a company. If victims of fraud enters their personal information (bank details, usernames and passwords) on this page, that data immediately falls into the fraudsters’ hands.

To mask the links leading to phishing websites the fraudsters often use popular free URL shorteners. In addition, most services offer customers the ability to view the statistics on the short link which tells fraudsters more about the number of clicks on any links etc. Phishing pages can be located on specially registered domains which usually have a short life span as well as on compromised domains whose owner may not even be aware that the web site is being used for fraudulent purposes.

Let’s analyze a fake email sent on behalf of FedEx in which recipients are asked to update their account information. The text of the email contains a link to the official website of the company while the real address to which the user is redirected is nothing like the legitimate page and is located on a free URL shortener service. This becomes obvious when you hover on the link.

FraudShipment_18

After clicking the link, users get to a fraudulent page imitating the official website of FedEx, where they are asked to enter their logins and passwords to access their accounts. Once the users fill in the fields and click “Login”, the entered information is transmitted to the scammers who can then access the victims’ personal accounts. The menu tabs and other links on the phishing page are often inactive, so clicking on them will not take users to the appropriate page. However, in some cases, phishers imitate all links on the page so that users do not have any doubt about its legitimacy. Sometimes the design of the page imitates the official site but does not copy it completely. If you have a closer look at the details, you will see some differences between the designs of the real and the fake pages. However, most users do not pay attention to small details and this carelessness helps the scammers to steal personal information.

FraudShipment_19

Below is yet another example of an email sent on behalf of FedEx. This time it contains a malicious link.  The email informs recipients that delivery is impossible because of missing information. And now users have to follow the specified link for verification.

FraudShipment_20

The link leads to a fraudulent page where potential victims are invited to download a program that will supposedly check whether they are really going to receive a parcel. Naturally, the program turns to be the well-known Zeus Trojan, which helps the fraudsters to access the computer and all the personal information on it.

FraudShipment_21

Scammers might not only include a phishing link in the body of the email, but also attach an HTML phishing page designed to steal personal data. However this use of HTML attachments as phishing pages is unusual for fraudulent mailings sent on behalf of delivery services.

Fraudulent emails in different languages

To increase the audience of recipients and customers, spammers are mastering new languages. In addition to traditional English and German, current spam traffic includes emails in Hebrew, Albanian and other languages​​ which were found in advertising and fraudulent mailings a few years ago. For example, you may come across fake notifications from international delivery services written in Italian and Dutch. These emails do not have any special features that distinguish them from English- or German-language messages – to cheat users, the fraudsters resort to the same tricks.

For example, this Italian-language fake notification from FedEx tells users to confirm their identity by following a fraudulent link.

FraudShipment_22

Yet another mass mailing in Italian contained a malicious archive which included the Zeus/Zbot Trojan used to steal personal data. The fraudulent email claimed that the user profiles on the website had been updated and there was more detailed information about it in the archive.

FraudShipment_23

Another fake notification written in Dutch on behalf of TNT informs recipients that new accounts have been formed for them, with details in the attachment. The archive attached to the email contains Backdoor.Win32.Andromeda, a malicious file that allows the scammers to control the infected computer without the user knowing.

FraudShipment_24

Malware in fraudulent emails

Spam is one of the most popular ways of spreading malware and infecting computers on the Internet. Attackers have various tricks to make victims install malicious software on their computers. Email traffic includes a variety of private emails, such as wedding invitations, dating offers and other similar messages. However, fake notifications from well-known companies and brands providing different services remain the most popular cybercriminal trick. International delivery services are also used by spammers as a cover for malicious spam.

Malware spread in fake notifications from delivery services is divided into:

  1. Trojan programs developed to perform unauthorized operations in order to delete, block, modify or copy data, to disrupt computer or network performance. Trojans distributed in spam include Backdoors, Trojan-Downloaders, Trojan-Proxies, Trojan-PSWs, Trojan-Spies, Trojan-Bankers and others
  2. Worms, malicious programs capable of unauthorized self-proliferation on computers or computer networks. Those copies go on to spread themselves further.

What is dangerous about malicious programs?

  1. They can steal usernames and passwords from users’ accounts, as well as financial or other information sought by the attackers.
  2. They can create botnets for distributing spam, DDoS attacks and other criminal activity
  3. They can provide fraudsters with control over victim computers, including the ability to run, delete or install any files or programs.

Current malicious programs integrate broad-ranging fraudulent functionality. In addition, some malicious programs can download other malware, providing additional opportunities. These might include stealing usernames and passwords entered in the browser or seizing remote control over the whole computer.

Malicious objects in fraudulent notifications can be embedded directly in the email or downloaded from a link provided in the body of the message. The most dangerous thing about it is that malware can be run and installed without users being aware or installing any software themselves. Typically, malicious ZIP (less often RAR) files enclosed in fraudulent emails have an executable .exe extension.

How to recognize phishing emails

Below are a number of features that can help to identify a fraudulent email.

  1. The sender address. If the sender address includes a random sequence of letters, words or numbers, or the domain has no connection with the official address of the company, the emails should undoubtedly be considered fraudulent and deleted without opening.
  2. Grammar and spelling mistakes. Wrong word order, incorrect punctuation, grammar and spelling mistakes can also be a sign of a fraudulent mailing.
  3. Graphic design. Scammers are doing their best to make the email look very similar to the original. To this ends they are trying to imitate other companies’ corporate styles using some of their elements such as color schemes and logos. Inaccuracies and noticeable design errors are among the signs of a fake email.
  4. The content of the email. If the recipient of the email is asked under various pretexts to urgently provide or confirm personal information, download a file or a link – especially while being threatened with sanctions for not doing so – the email may well be fraudulent.
  5. Links with different addresses. If the address of the link specified in the body of the email and address of the actual link to which you are redirected do not match, you are definitely looking at a fraudulent email. If you are viewing your email from the browser, the actual link can be usually seen in the bottom left of the browser window. If you use an email client, the actual link can be displayed in a popup window if you hover the cursor over the link in the text. Fraudulent links can also be attached to a text phrase in the email.
  6. Attached archives. Generally, ZIP and RAR archives are used by cybercriminals to hide malicious executable EXE-files. Therefore, you should not open these archives or run the attached files.
  7. Lack of contacts for feedback. Legitimate emails always provide contact information for feedback – either the company or the sender’s personal contacts.
  8. Form of address. Fraudulent emails do not necessarily use the first name or the surname to address the recipient; sometimes a universal form of address (“client”, etc.) is used.

Scammers’ delivery service: exclusively dangerous

Comment

Your email address will not be published. Required fields are marked *

 

Cancel

  1. Earl Hamper

    I got a FedEx shipment notice and ask me to click on shipment notice I did but nothing happened something was blocking it. I could not print it out. It did not ask me for any personal information. Am I safe or do I have to do anything or have my computer check. I have Kaspersky security. I am 80 years old.

    1. Gabriel

      Anybody heard of Deliverex? Are they legitimate, or NO?

  2. Pamela Woodard

    Keep getting email from ups courier service asking for my banking. How and where can I report them?

  3. April

    Very informative and precise information. This will help a lot of people from scammers that are all over the place. With the technology today, we all should be getting services from reliable and trusted delivery service organizations.

    1. Sharon sidi changawa

      I was to receive a package max owen United States of america and he send me some ticket parcel and the things in the package on 31/10/2020 a woman called at exactly 7.00am and she said my package had arrived that was after 3days time so I could make some clearance fee for the package I told her to send a picture of the package and she did she gave me another 0740787192 for Mariam noah ali so I could send 7,500 for clearance but I did not later on I went and googled Global city coriuer for more information and I took a number from the company and i called 0771432406 and a man received by the name zaddoc kaliwa odhiembo and he send me his number 0796159238 so I could send 5515for my clearance fee and I did send in 20minutes time he said that the package detected some foreign exchange so I pay 20,000 for them to reliese the package so I did not send the 20,000 but what I did was I told them to remain with the package.Will I get back my 5000??

  4. Phylliss

    What about courier service that asks for money before delivery of a package from a forgein country?

    1. Xinderella

      Scammers trick..why must u pay to receive any thing? Don’t fall into their trap..they make you look stupid.

  5. Virginia

    My fiance got a message in messenger from his friends account. They are offering you to apply for a government organization that gives grant money. Then they approve you but ask for money to be sent ahead of time to receive a package that contains cash. I reported them to DHL and to Facebook.

  6. Lerato Lekgowe

    I’ve got a message that said I must go to eazylinkcourier to get my parcel but when I went there they wanted me to pay 2200 usd which is almost 33 000 zar into an account of Mormah Eminem Collins to get my parcel

  7. Sophie

    My fiancé send me a documents package includes check and gold according to him delivery trust company can send packages to my place. Then after he send the delivery trust company send me message including the tracking no.(#)the first track is in Bamako Mali then Rome or Germany I cannot remembered. The last tracking was in north Korea infection then then was on hold in North Korea! US is not diplomatic in north Korea asking me money for taxation in North Korea $6,500! What do you think about this!? Need help to get to know if is scam!?

    1. NYCTim

      Of course it’s a scam. Have you actually met your “fiance”? You need to dump him.

  8. Christopher Cates

    i was just trying to get information about a company called Global Link Delivery Service. Trying to see if anyone ever did business with them before.

  9. sue

    I had a man contact me on instagram 2 months ago about a box he wanted me to hav e deliverd to my home. He said it was coming bydiplomatic courier thru Sky Express. And that money had to be paid for the airbill and the certificate of origin in Germany via western union. I had pictures of everything and was convinced it was legit. The emails from Sky looked legit too. What do you think?

    1. Kate Rudy

      I have had three separate men pull the same scam on me and have turned them in. You will just lose your money. It is a scam.

      1. Xinderella

        Scammer collaboration w another syndicate to trick you to pay.If u never meet those online, its common sense its their cunning way of cheating you through this plot. To give you an illusion of a gift..common sense why can’t he meet you to pass you?

    2. July

      Same here the man said that he will send the box by Guaranteed Express. But company asked me to pay 3000 euro for shippin to some person in Bulgary in other case they will open the box. It’s just insane.

  10. Daye Trabasas

    Recieved a letter from LFLS a logistic cargo company from china that the shipment from china bound to japan is now being held at dubai custom for tax declaration.and I had to send them money to process tax declarations to be able for the shipment to be released.is this legal?

    1. William Moore

      This doesnt sound legit. I also received an email from another company asking the same thing. That taxes had to be paid before they will deliver.

  11. Zaideth

    Was his name James Black?

  12. Barb Stonestand

    Is kf direct a legitimate delivery service ?

  13. Rihanna

    I am at this point now. I paid and yet I have not received the package and the numbers cannot be reached

  14. William Moore

    I received an email from a supposed company called Integrated Parcel Service. Said I had a package but needed to pay the taxes on it. An exurbanant amount. I just have fun emailing them back and toying with them as they are clearly not legit.

  15. Veggie

    Can anyone tell me if skylimit logistics is a legit company? We have a package send to us but they are demanding a fee of $20000 AUD. When we search the company we can’t find any information about the company.

  16. Prity

    i was also contacted by a man using Lucas on Instagram he said he bought me some gifts laptop and a phone and few things so he said i i must pay duty of $1200usd to Kenya and i refused then i got a call from Kenya to pay the money on Western Union and i refused it something that is happening now as i am speaking i refused to pay the money and i told the guy to pay it himself

  17. Sandrille

    My boyfriend was planning to visit me then he will send first his luggage because he was in a mission but about to end. Then he told me told i need to pay first the $250 before recieving his luggage. He also send me some many proof that his luggage was on process already but its kinda weird because why i need to give money first. Anyone could answer me if this is scam?

    1. Xinderella

      Scammer collaboration w another syndicate to trick you to pay.If u never meet those online, its common sense its their cunning way of cheating you through this plot. To give you an illusion of a gift..common sense why can’t he meet you to pass you?

  18. Rosalyn salazar

    Is oversea express courier legit?

  19. Damaris kimani

    I wish I would have come across this before. A week ago a white man friend requested me on IG by the name (@jacksmart000)we began having conversation and later he asked for my number he later chatted me on whatsapp with a UK NUMBER WITH THE CODE(+44). Thinking that I was the luckiest woman on earth finding a white man I hadn’t seen it all untill this guy after a long chat of knowing each other he just told me he is heading to a supermarket what should he get me? He asked, and so I answered anything nice he will get. So he told me to send him my address and full names so I did,he then told me he will send the parcel immediately and I’ll receive it the next day cause he was going to use DELTA CARGO COURIE COMPANY. The next day came and I received a call in the morning by a guy who claimed to be working in the office so he demanded 20,000ksh for delivery and custom fee, so I did my best and sent the money then after some minutes he called again and asked me to send another 15,000ksh cause he released their is money in that parcel which is illegal to be sent through as part of the parcel. Mind you this mzungu guy after going to supermarket he sent me a list of what he had bought me it was as follows :

    A gold jewelry
    Diamond necklace
    I Phone
    Hand bags
    Rolex watch
    A ring
    And an envelope of (30,000pounds)which in kenyan money is almost 4 million. I was a happy person on earth not having any doubt. So the guy from the office told me that their is alot of money here you are supposed to send another 15,000 as a government mandate to allow this money to be delivered to. I started hustling seriously until when I approached lots of people about it and told me their is nothing like that, and that it was a scum it was still hard for me to believe. But now as we were communicating with this “mzungu” and telling him the office is demanding money from he kept on insisting that I should just send them for the parcel to be released cause it has lots of expensive goods,of which he was very convisable. Only after realizing this office guy was a scum because he started becoming so rude cause I was not sending the 15k.On the other hand the mzungu was insightful now and then that I should send the money. So this morning he asked me if the office called me I decided to lie by telling him no cause I had already started sensing that something is wrong. After some minutes he got back and told me but the office is just telling me that they have called you. I became a little bit bitter by digging in asking him questions and when he found out am now on the lime light he ended up blocking me. BE ALERT AND AWARE OF THIS BUSTARDS GUYS. IT WAS A GOOD LESSON LEARNT IN A HARD WAY AND THEY ARE MOSTLY USING LADIES!!

    1. K

      Thanks a lot that you have shared this story!
      I have almost the same story. Handsome man with UK phone nr, almost the same e-mail address with …001@gmail.com
      Just I got an e-mail from Zippy Courier Express (not an existing company) that I need to pay 1200 USD fee + container clean up. This is where things started to get suspicious and I stated to search on web and findr you comment + this page:
      https://www.consumer.ftc.gov/blog/2014/12/package-delivery-scam-delivered-your-inbox?page=4
      Don’t pay anything to them and please don’t trust in this “handsome” man.

    2. Besashiele

      Oh my!! We have the same experience. A Thai guy chatted on me, so we confabulate a lot and on the next day, he asked me to give my line number or whatsApp number. According to him he wanted to have a private conversation. He also promised to call me using WhatsApp. After our long conversation, he asked me about what cellphone I’m using, and anything I want. He wanted to buy and shopped for me. he sent me videos and pictures. After that, he also told me everything that he already sent it to the company; then asked my address, and told me that there is money inside the package, too. So, I gave him my real name, address. I was so sincere on responding on his chats. However, there were doubts on my mind and i started to ask him because he told me to prepare 15,000 pesos. borrow and when my package has been delivered I have to go to the bank convert the money and pay my debt. Now, I told him it should never be like that. He suddenly got mad. he sent a picture of receipt. I keenly looked at the details, and I realized different name were indicated on the receipt. On the next morning, This company, called me. They wanted me to pay, of course I argued and report it to my Thai boyfriend. I was puzzled with his reaction. He was not panic nor worried about his package. I still keep on chatting with him, and response as is I truly believe it. … I sent him a lot of message but till now, he didn’t make any responses..

      1. Stackz

        Is horizon logistics express a real shipping company and can it be trusted?

    3. B

      This ones used true cargo home delivery services
      Successfully robbed me
      Guys be careful

    4. Pravi

      Thank god from yesterday I was searching scam like this
      Thank you all for this message
      You saved me from these frauds
      Same case is going to happen with me
      One of my friend from UK (+44…….) told me that she send me parcel containing
      Iphone
      Macbook air
      Rolex watch
      Nike shoes
      T-shirt
      50000 pounds = almost 5 million indian currency
      The shipment will be done by tomorrow
      And she said that i have to pay 35000 indian currency for clearance charge
      Now I get these and aware of these

  20. Chris

    Hey can you tell me what happened after this? I dated a man online and we video chatted seems legit. Falling for him. And he said he needed to send me some of his belongings before his send off mission. But this suspicious company is emailing me to pay and send 1,350USD to had this packaged be shipped. Please advise.

    1. Anonymous sender

      I had the same stories. I have chatted someone and he said he will send all his valuables including gifts for me. He sent a tracking code to check the shipping thru a courier company website. Seems so real. Then after I received an email from the company that the items is now enroute. Then after they will send again another email that the item has arrived. They they said that inorder the item to be delivered I need to pay the custom charges and clearance fee amount of $1120. It is a scam coz they ask to send it thru an account number which I think belongs to a personal account and not a company owned. It is a scam! BEWARE!!!!!!

      1. Juliana

        Same..me too..and the cargo company just email me and tell that i must pay for more recharge..i must pay 1000 USD..and the package from romania..i email them back to returned the package..cause i don’t have money and they replied like them mad at me cause must returned the package

    2. Qwertyuiop

      I contacted with one person bcos i was using an apps to looking for friends or partner. We chatting everyday. And suddenly she told me that she got something for me she need my full address, phone number and my full name. At first i refused, but the next day i send her my address and my full name because i trusted her. And last night she told me i need to pay for the government tax. And the package will be arrived on Wednesday morning. Now im still here waiting for Wednesday to come and see what will happen. And now she not respond to my chat. We shouldn’t trust anyone we just know on social media. Lesson learned.

  21. Lyn

    Please help, United Nation Express Delivery Legit or not?

    1. Naej

      I have also united nation delivery but need to pay taxes is that a scam?

  22. Azucena Garcia

    Has anyone heard of Quick Xpress Logistics asking for an amount for taxation to release package ?

  23. ghied

    i was been scammed 2 couriers namely non stop courier and paciwest international collecting money but no parcel delivered. so be aware of this couriers

  24. Stephen Vincent petersen

    I got a call from wordlwidecourier service saying that I have a parcel and it has 30 000 pounds in and I have to pay for customs to clear it 1850 and pay for the money 4790 and again to put the money in my account to pay 6150 I was so blind I paid the amounts but still waiting there response its just a big scam

    1. sweta

      im also a victime.a guy from scotland pretend to send me message on whats app ,a lot of things like jewellery etc…a company named delta courier services,they asked me it will cost 75,000 rupees i make the payment, then they asked me to pay again rs 120,000…and his phone number +44…he pretends to be a doctor…i regret a lot why i believe him….hes a big scammer n the delivery services also is in hand with him…

  25. Cheef

    Is American Parcel Express legit

  26. SANDRA JARVIS

    Is anyone familiar with Parcel Mind Courier Service? Are they legit?

    1. Julie

      I have also recieved this “company’s” name. I don’t know for sure but I’m doubting it.

  27. gem

    These scammers usually used the background of uniformed guys. Please be cautious these are scammers.

  28. Erlina

    Dear all, if anyone call you to pay the courier.cost in advance then DON’T do it. Just inform them that you will pay in their warehouse facilities. As all number one courier shipment service like DHL,FEDEX, UPS, etc…having Warehouse facility in each country and pay it direct to cashier in their office or warehouse facilities. As your if receiver refuse to pay the package will.be return to sender.

  29. Sofie

    Can you please verify if Stanbic Courier Express is a legit courier company?

    1. xtian

      i took a supplier from alibaba by the name KROMEELECTRONICS they claim to have been there for 18yrs, i made a purchase of some playstation consoles 5pcs and send them half the payment (bestelectronics108@gmail.com) the said they had packed my goods and given to the shipping company (proficientexpressservice.com) the goods were to get her to me in nairobi on 1/02/2021 but two days earlier they wrote me demanding $175 for clearing a charge thati paid after that two days later they called the suppplier and shipping company demanding a nother payment of $300 which i refused to pay becasue i had already sent a total of $460 and i hav not gotten any proof from them!
      proficient express services and bestelectronics are a scam and con!

  30. Johannamy Sombrio

    I receive an email from ASL saying that my luggage has arive in general santos airport philippines…but it was hold because there is a money inside…i need to pay 1050 dollars with in 48 hours..giving me name and nank account to where i should pay…i was tracking the number sent but i could not find it….is this a scam?

  31. Mildred Polino

    Is First Trust Logistics courier Services legit?….
    Their address is even wrong….

    1. Mar

      we have desame questions. I wanted to know also if that company is legit.

    2. Melanie Dionaldo

      Hi is first trust logistics services legit?

  32. Gee C

    Anyone heard of Maximum Class Express Service as a legit courier in Malaysia?

    1. Annur

      hey Gee C
      is Maximum Class Express Service really legit? have you got your parcel?

      1. Junivick Damgo

        maximum class express is a fraud

    2. Laltlanthanga

      This is fraud.

  33. Cynthia McGuire

    Is Global Eagle Courier a legit company?

  34. danny blackwell

    Has anyone heard of this company? Globalsecuresafedeliveries…. I cannot find any record of them…

  35. Adeline A Koch

    Received text message from express gold courier asking to contact them, have package from Dubai. Must pay $2,000.00 USD, custom fee. I keep getting messages on WhatsApp. What to do?

  36. Fernando Santos

    Does anyone know if A&A Express Delivery LLC in Orlando , Florida is a legitimate company?

  37. Lee

    I would say that we were having the same guy try to scam us. He used Lucas and he changes his last name and at times will use the name, Paul. He told me he bought me a car, jewelry, and clothes. Today, I was sent a text and email stating I needed to pay $5,800 for the items to clear customs. That was a lie. I looked into how much it would cost and it was $2,000.00. Not only that, but I would never pay for something that is coming into customs. Sky Express Delivery —- Scam

  38. Cristina del rosario

    Is excellent express courier service legit company.. I have a package coming from New York.. I received an email that the package is already here in Philippine custom.. I already paid 14,200 php for the custom charge.. after settling my payment through bank transfer, I got another email that there’s a huge money inside the package and I need to pay 34,500 for the money laundering penalty.. anyone here who could help me with this?! I tried to call the number of Philippines custom who texted me earlier but they didn’t respond..

  39. Lisa Chadwick

    Hi does anyone know if express delivery.com us legitimate? Asking for more money for goods to be released?

  40. Bryan

    It is a fraud they collect and collect fees then charge you demurrage that does not should be the fault of the customer

  41. Bryan

    Yes it is but maximum class express is a damn fraud

    1. Filo

      Any knows if EXPRESS WAVES COURIER COMPANY is ligit?

  42. heart

    is post express delivery co. legit?this friend of mine used my email and contact details to received a “package” the this post express delivery message me and my friend sent me the link to trace tracking number. as per the logistics i need to pay the clearance fee to receive the package but just to make sure i search everywhere and this is what i found.i didn’t reply to that friend coz i think shes scamming me

  43. Orla Almenar

    Hi just want to validate is this company legit Mega Fast Courier Service i have a tracking number. I monitor this because simebody send me a cargo UK to Philippines. But i wonder they were asking me to pay 16,000 pesos for tax etc.
    Please help me for ths concern. thanks

  44. Anonymous

    I have anexperience also,i have a man in USA we meet via messenger,we chatted each other and after the long run we became special friend,acording to him he is a pilot befor he go to venezuela for work their company have a free shopping according to him he don’t need it so he shop for me
    1 unit of ipone laptop
    1unit of iphone 11 pro max
    1 gold necklace
    1gold watch
    1 ring
    1 handy prada bag
    And money inside
    It seem to be real because he seen me the link of the courier,it was a wise courier services.com and he also sent me the tracking # then i check it my name was there,the delivery company here in philippine call me the package was arrived then she told me that i need to pay tax clearance because there is money inside the packge,then i pay for it,then she ask to pay again for the demurrage then i pay but she asking more in more payment and i stop,.did you think it is a scum?

  45. Nenita Galapati

    Hi everyone. I need help, are you familiar with Purolator Delivery Service Company? Is that legit? My boyfriend told me he will send me money by that courier, he was an us army who was now at Afghanistan for mission. I did not receive any calls yet
    asking me to pay for the parcel, because he said that the delivery courier will be arrived here in my country by Monday or Tuesday? Is this scam?

  46. Anthonette

    By reading some articles and comments just now. I sense that this person I’ve been talking for a month is suspicious too. He told me he wants to shop for me like? why would he? lol. So someone messaged me today that my parcel have arrived in our country and asking me to pay 20,000 pesos for some custom fees and delivery charged. The guy also indicate that he is an agent in this so called Global Courier Company. What do you think about that courier company? Is it legit? Because you know… I’m really trying my best not to be overwhelmed. I’m starting to have trust issues now.

  47. Filo

    At this moment I find myself in the middle of the situation as the most comment here above.
    Pretty Guy gained my confidence by weeks of chatting. Then the package with valuable things. Hold at the customs in Turkey. Where a lot of money is necessary to pay before clearancing and ensurancing and deliverance.
    Unfortunately I did search for this site first before paying. Now, my wallet is €5420 lighter. I feel such an Idiot.

  48. Sam

    Anyone herd of prevek courier company in Swansea desperate

  49. Saliha Salihi

    Hi
    Ir is saliha from Afghanistan
    Is skylimit delivery company legitimate??

  50. Rubi

    I received a text message telling me that my parcel was arrived here in the Philippines but telling me that the customs holds my package because I should pay for the customs clearance tax for about 42,500 pesos. As I thought the receiver should not pay anything. The shipper commanded me to pay for the clearance tax of his package.

  51. Peter Nwanta

    Please I want to know if Dania Direct Logistics is legitimate. I made an online order that was sent through them. I have paid several taxes and they are still demanding for more money saying that this is the last time that I will have to pay. Please I need a confirmation. I am already sensing scam.

  52. richard

    also has anyone heard about the maximum class express service that provides delivery services is it a legit company.. I also want to know whether this realtechtelpa company is a legit company that sell electronics.. because I ordered some products there and they provided me with the courier service I just mentioned about

    someone please help me out here and also do check this website realtechtelpa.com

    1. Bethany Allen

      Did you get any answer about maximum express deleivery? Thanks

  53. Samuelsunday

    Please is there any logistic company named WORLDWIDE SPEED DELIVERY? Are they legitimate?

  54. Analiza Verona

    Standard cargo services, is it legit or not please help me some advice

  55. Jona

    Good day i am jona i have concern about the luggage please.already sent parcel go to philippines.i have recieve email my parcel already here in manila .before recieve parcel we need to pay 500usd.

  56. Jessah

    Does ACCESS GLOBAL EXPRESS COURIER is LEGIT?

  57. Rosalie Pol

    i want to know if this tracking number in prime express delivery is legit i have package not recieve because the costume hold i need to pay 15,500 this tracking number is legit? Ped0963436121CA, im worried about this, this package last november 28,,,Reply Please

  58. jhen

    Is airmax courier is legit? I have friend, he’s so nice and very hardworking he also an orphaned & lost contact w/ his uncle ask me to be a reciever of his belongings including w/ his last mission payment. He convinced me many times but i dont agreed. He begged me for his future and dream hospital wants to build he said. I dont agree coz i know money cant be sent in package it can be hold by the Customs but he said it was approved by UN govt so its okay. He was in a hurry coz of his mission. No bank opened in there area coz of war only courier can send their package to.He convinced me. I gave my personal details.First stop service courrier emailed me asking for insurance fee $1500 in china customs. Before 24 hours I paid the amount coz my friend begged me to pay and promise will double my money. Next. stop, got emailed from airmax courier that phil customs ask for changing ownership and the amount is $4000 i replied u cant change the name of ownership coz i am just a reciever not a sender of that package why should i pay isnt it to much? You may send back the package to the place where it came from and i will not pay for it. If youre not pay w/in 24 hours the package will be confiscated by the customs they said.I told my friend he tried to convinved me to give the money and ask for discount. I told to him i am being scammed and i will not allowed it but he keeps chat on me many times to pay and give the money. Airmax courier emailed again threatened me if not pay w/in 48 hours US govt will come to my house and will take me to jail for being unresponsible. I told to that man lets BOC take over your package we have now funds to purchace for covid vaccines. Then I ignored both of them

  59. Shane

    Proficient Express Service. Products keep getting held in various countries, they keep asking for more money for VAT and taxes, keep claiming I will be reimbursed once my products are delivered. Also asked for another $800 as my products were on hold for COVID insurance? Seems like a definite scam, I should have gone with the freight company I usually use, but I was drawn in by the “Free Shipping” Lesson to be learned, trying to save a buck and cut corners costs more in the long run.

    1. Shane

      Also shipment had a “mistake” they “Accidently” sent 70 instead of 7 and request I pay the VAT and taxes on them before they are released.

  60. Marta turingan

    Is instant world wide delivery legit?

  61. Susan

    Can anyone inform me if Global-EP Logistics is a legit shipping company?

  62. Jean

    has anyone heard of delivery express DE GROUP ?

  63. Anna

    Hi all
    Urgent help,
    Anyone heard about JGlobal delivery??
    I paid for the parcel but now they want lots of money for custom

  64. Juliana

    I just receive a message that i got a package from romania but must pay 1000 USD first..for recharge..is that true must pay that much??thanks

  65. Steph

    Is there a service called express private delivery with Swift Couriers?

  66. George Wheeler

    Is the company “finaldelivery.nl” a real and legitimate company?

  67. Tannabah Williams

    Is united star express a real shipping company? I have a parcel that is being sent to me and they are asking for $3000 to deliver it. They said I have to send my my payment through bitcoin.

  68. Christy

    I keep getting text messages from DHL saying my order ready for delivery. When I click on delivery details asks for delivery fee. Is th scam?

  69. Clarissa

    Has anyone ever heard of AKG Courier Services LTD? I thought I had found a respectable breeder but now I believe I was scammed. AKG asked for a $1500 refundable pet insurance to transport. After the refund they said they would need a $1500 direct deposit at 1 of 2 local sites. I’m concerned they will try to come after me.

  70. Cassandra Horsely

    lsl delivery services llc is a total scam. They were sending all kinds of items to my address under different people’s names & having me ship the items to Amazon & other vendors. They wanted me to attach my Ebay information to the account claiming it had to do with my salary (which made no sense at all) Emails came from lsl.paulwidmer@gmail.com & jamolher@terra.com.br Website tasks.packagemgr.com which keep showing up in German before my computer or phone asks me to translate.

  71. shyrein

    is Lyon express courier service legit?

  72. Mary Joy

    Worldsafe courier delivery company is legit or not?

  73. Shirley

    eagleexpresscourierservices1@gmail.com
    This is the email address I was asked to get in touch with them regarding a package that is intended for me. I was also instructed to tell them what the package contained.
    I am worried that this may possibly fraudulent. Can you check for me please.

    1. angel

      is OVO express courier legit?

  74. Sherry Ali

    Does anyone heard about this company its called A and K globalcargoexpress there phone number Does not work an they haven’t responded to my email thanks

  75. MAE

    IS FIRST TRUST LOGISTICS IS SCAM I NEED BADLY THE ANSWER THNK YOU

  76. Lynette Mann

    I have an invoice from Aglo Freight and courier solutions
    How do I find out if it is legit
    Can u assist me please

  77. Itzayana

    Good morning, can you help me verify if the AirTrust Logistic page is a fraud? They sent me a package from that company.

  78. Ute Müller

    Wer kennt Netfleet Express Delivery, ist auch eine dubiose Lieferfirma. Man soll für Zollfreigaben zahlen für eine Box/Koffer. Erst 62 000.– € , jetzt fordern sie 210000.– €.

  79. Maria teresa

    I have a text message from fastway express yesterday then ask for pay the clearance fee ? It’s php30,000 pesos . This is a scam ? Or what? What should i do?

Reports

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.

Sunburst: connecting the dots in the DNS requests

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

Subscribe to our weekly e-mails

The hottest research right in your inbox