“Final Note: Your Shipment Is Still Awaiting Processing” Email Scam

Photo of author

Written by: Thomas Orsolya

Published on:

In recent months, a deceptive email scam has been circulating that claims your package from UPS is awaiting processing due to “missing information”. This fraudulent email, which has the subject line “Final note: Your shipment is still awaiting processing”, aims to trick unsuspecting recipients into providing personal and financial information.

This UPS phishing scam has been reported by numerous recipients across the United States. If you receive an email appearing to be from UPS with this subject line, it’s crucial that you do not engage with it in any way. The legitimate shipping company UPS has no association with this scam email.

In this comprehensive guide, we’ll break down exactly how the “Final note: Your shipment is still awaiting processing” email scam works, provide examples of the email content, explain what you should do if you receive this message, and outline how to stay safe from similar parcel delivery scams in the future.

scam 1

Overview of the Scam

This phishing scam aims to exploit the fact that many people are regularly awaiting package deliveries from carriers like UPS. By pretending to be from a trusted shipping company that recipients are likely to have ordered from, the scam is designed to immediately put recipients at ease.

However, the sole purpose of this deceptive email is to trick unsuspecting users into giving up personal information and credit card details. The scam email is not affiliated with UPS in any way.

Here’s a recap of how this scam typically works:

  • Recipients receive an email claiming to be from UPS with the subject “Final note: Your shipment is still awaiting processing”.
  • The email states that the recipient’s package could not be delivered due to “missing information”.
  • There are fake tracking details and a scheduled delivery timeframe of 6-10 October 2023.
  • The recipient is prompted to “verify information” by clicking a link or downloading an attachment.
  • If clicked, the link or attachment is likely to lead to a convincing but fake UPS website designed to steal personal and financial information.
  • Any information entered will go directly to scammers, not UPS. This could lead to identity theft or direct financial loss.

This scam email is a classic example of sophisticated phishing techniques designed to look authentic and trick recipients into giving up valuable personal data.

How the Scam Works

Now that we’ve covered the overview, let’s explore specifically how the “Your shipment is still awaiting processing” UPS phishing scam operates at each step along the way.

1. The Initial Email

The initial email sent by scammers is designed to mimic legitimate emails from UPS. Here are some of the key features:

  • The email uses UPS branding such as the company logo, colors, and fonts used in official communications.
  • The sender email address is made to look like an authentic UPS domain, but will be slightly altered upon closer inspection.
  • There is an urgent call to action hook of a shipment awaiting processing due to missing information.
  • Basic customer and order details are included to make the email appear credible.
  • The overall tone, grammar, and wording resembles UPS emails.
  • There are no obvious signs such as spelling mistakes that indicate the email is not from UPS.

Here is an example of the text content:

Dear customer,

Final note: This email informs you that your shipment is still awaiting processing.

Your package could not be delivered on October 2nd, 2023 due to missing information.

Please verify information:

Order number: [fake number]Status: Pending for delivery
Delivery is scheduled between: 06/10/2023-10/10/2023

Thank you for your trust.

UPS Team

As you can see, everything from the formatting, branding, wording, and details are designed to instill trust in recipients that this is a valid email from UPS. But it’s entirely fraudulent.

2. The Fake UPS Website

If the recipient clicks the link or attachment in the email, they will be led to a fake UPS website. This is where the more overt phishing attempts take place.

The website is made to precisely mimic the real UPS site, using the same branding, colors, fonts, graphics, and overall visual design. But the URL will be slightly different to the real UPS site.

The website will have pages prompting the victim to enter personal information such as:

  • Full name
  • Shipping address
  • Phone number
  • UPS account details
  • Credit card number
  • Security code
  • Expiration date

There may also be downloads containing malware disguised as “tracking information” or “delivery forms”.

The intention here is to harvest as much personal and financial information as possible from victims. The website is set up to enable immediate monetization of stolen details.

3. What Happens to Your Information

So what actually happens when a recipient falls for the phishing scam and enters their details into the fake UPS website?

Unfortunately, all of the personal and financial information goes straight into the hands of scammers.

With your full name, address, date of birth, UPS details, and credit card information, scammers have everything they need to commit identity theft or steal funds from your accounts.

They may use your information in various ways:

  • Selling on personal information to other scam groups on the dark web.
  • Directly using your credit card to make fraudulent purchases online.
  • Signing up for services under your name and using your address for deliveries.
  • Applying for loans or lines of credit under your identity.
  • Draining your bank account funds into an account they control.
  • Hacking into your existing online accounts by resetting passwords.

The potential financial damage can be severe once scammers have your personal information, especially full credit card details. The impact of identity theft can also be hugely detrimental and difficult to recover from.

This is why it’s absolutely paramount not to click on anything, download any attachments, or enter any information if you receive this deceptive email.

What to Do if You Have Fallen Victim

If you have unfortunately engaged with the “Your shipment is still awaiting processing” phishing email and entered personal information, here are the steps you should take immediately to limit the potential damage:

Step 1: Contact Your Bank

Your first priority is to get in touch with your bank if you have submitted any financial information through the scam UPS website.

Inform them you have fallen victim to fraud and wish to place a hold on your account to prevent fraudulent charges. Your bank should be able to temporarily freeze your account and reverse any recent suspicious transactions.

You may also need to cancel your credit card altogether and be issued a new one to fully protect your account. Having the number cancelled will prevent criminals from being able to make additional charges.

Step 2: Change Online Passwords

Even if you only submitted basic personal information, you should still change passwords for all your online accounts as a precaution. Use long, complex passwords that are unique for each account.

Enable two-factor authentication wherever possible for an added layer of security on accounts like email, social media, and financial platforms.

Scammers could potentially use personal details to try and hack into your existing online accounts. Resetting all passwords renders any information they have useless.

Step 3: Contact UPS

Contact UPS directly to inform them that you received a fraudulent email and mistakenly provided information. You can call UPS customer service or visit your local UPS store.

Discuss whether there have been any unauthorized changes to your UPS account as a result of the phishing scam, such as updating the password or shipping address. UPS can provide insight into any account activity and help secure your real UPS account.

Step 4: Check Your Credit Reports

Check your credit reports frequently in the months after falling victim to identity theft related scams. Look for any suspicious new accounts or loan applications in your name.

You have the right to freeze your credit to block criminals from opening new accounts. If you spot any fraudulent activity, be sure to resolve it by contacting credit bureaus.

Step 5: File a Police Report

The final step is to file a formal police report regarding the scam as an official record of the crime. Provide all the details of how you were defrauded and the information you unfortunately disclosed.

Having a police report can help strengthen the case when notifying banks and credit bureaus if fraudulent accounts have been opened in your name.

The Bottom Line

Being vigilant and aware of common phishing techniques is absolutely vital to avoid falling victim to predatory scams like the fake UPS email asking you to “verify information”.

Legitimate organizations like UPS will never ask for sensitive information over email. Be skeptical of any unsolicited messages claiming there is an issue with deliveries.

If you receive the “Final note: Your shipment is still awaiting processing” email or any other suspicious correspondence, do not interact with it in any way. Report spoof emails as phishing to your email provider.

Avoid clicking links, downloading attachments, or entering information to deter scammers from capturing your personal data even if the message seems real at first glance.

With scam methods becoming more advanced, we all need to be on high alert to help protect ourselves from fraud. But if you do fall victim, act swiftly to contact institutions, freeze accounts, and change passwords.

Being cautious and using common sense is our best line of defense against parcel delivery scams trying to steal identities and money. Be vigilant and think twice before ever providing info to unverified emails.

Frequently Asked Questions

What is the “Final Note: Your Shipment is Still Awaiting Processing” scam email?

This is a phishing scam designed to steal personal and financial information. The email pretends to be from UPS, claiming your package delivery is delayed due to missing details that must be verified. Links and attachments within the email direct to fake UPS websites to harvest data.

Why would UPS be asking me to verify information over email?

The real UPS would never request sensitive personal or financial data through email links or attachments. This is a scam tactic used by fraudsters impersonating UPS.

What information are they trying to obtain?

The fake UPS forms are trying to trick people into providing full names, addresses, phone numbers, UPS account details, credit card numbers, security codes, expiration dates – everything needed to commit identity theft.

What should I do if I receive this email?

Do not click any links, open attachments or enter information. Report the scam email to your email provider and delete it. Manually navigate to the official UPS website if you wish to check order statuses.

I clicked the link and entered information. What now?

Immediately contact your bank to freeze accounts and cancel credit cards used on the site. Reset all account passwords. Check for fraudulent charges and alert credit bureaus. File a police report regarding the fraud.

How can I tell if an email from UPS is fake?

Look for slight differences in the sender address, grammatical errors, low-quality logos, urgent calls to action, requests for sensitive data, and threats about returned packages. Manually type the UPS website URL instead of using links.

How do I report scam emails?

Report to your email provider, forward to anti-phishing groups, use the FTC online form and notify the delivery company being impersonated so they can address misuse of their brand.

How can I recover from identity theft caused by the scam?

Place fraud alerts on credit reports, freeze credit, update your SSA record if your SSN was compromised, reset all passwords, monitor your credit regularly and report any fraudulent accounts or charges. Be proactive and persistent in resolving identity theft issues.

How can I avoid parcel delivery scams in the future?

Be wary of unsolicited emails about missed or delayed packages. Manually log into courier sites instead of using email links. Never provide personal or payment data by email. Verify tracking numbers match your own orders. Use scrutiny with any unusual shipping notifications.

How to Spot and Avoid Parcel Delivery Scams

Beyond the specific UPS phishing scam, fake parcel delivery emails are increasingly common. Here are some tips to spot and avoid delivery scams:

Warning Signs of Parcel Scams

  • Unexpected emails about missed or delayed deliveries you don’t recall ordering.
  • Payment requests for redelivery fees or customs charges.
  • Links in emails to track packages you didn’t order.
  • Misspellings, grammatical errors and incorrect logos.
  • Requests for personal information to verify identity and process deliveries.
  • Short response deadlines to pressure recipients, like threats of returning the package.
  • Attachments with forwarded tracking information that contain malware.

Safely Verify Legitimate Delivery Emails

If you receive a delivery email but want to independently verify it, follow these steps:

  • Go directly to the courier’s website by typing the URL in your browser. Avoid clicking any links in the email.
  • Use your tracking number to look up the status. Cross reference with your own order records.
  • Check the sender address matches the courier’s domain, not a lookalike.
  • Call customer service to confirm any payment or personal information requests.
  • Check the package weight and shipping address match your order details.
  • Look for poorly formatted emails with spelling/grammar errors and low-quality logos.

How to Avoid Falling Victim

  • Never provide personal or payment information via email links. Manually log into the delivery company’s official website if needed.
  • Use common sense scrutiny for any unexpected tracking information or delivery claims.
  • Review shipping notifications and tracking numbers from all your own orders so expected deliveries can be verified.
  • Take action immediately if you realize you’ve fallen for a parcel scam, like calling your bank.

Staying vigilant will help protect you from the rising threat of package delivery scams. Trust your instincts if an email just doesn’t look right and avoid acting on any suspicious requests sent to your inbox.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Previous

“I’ve Integrated A Software Within Your System” Email Scam

Next

“Congratulations To You, Your NFT Has Been Purchased” Fake Rarible Email Scam