Wednesday, April 23 2014, 09:23 AM MDT
Tracking a Package Leaves Consumer Vulnerable to I.D. Thieves
By Matt Gephardt
Produced by Cindy St. Clair
Edited by Aaron Colborn
Photography by Mike Sadowski
(KUTV) Several months ago, Peggy Davis ordered herself some new dishes online. The seller shipped the dishes and gave Peggy an estimated delivery date, but that date came and went.
Peggy says she remembered that shortly after she ordered the package she got an email from FedEx, so she decided to click on the email in the hopes of tracking her package. The email told Peggy that there had been a problem with her “recent order,” and that she needed to click on a link for more information. Peggy clicked on the link, but her interned security software blocked her from proceeding to the website.
Concerned it might be a scam, Peggy decided to Get Gephardt to investigate.
Peggy was right to be concerned. Get Gephardt contacted FedEx's corporate office who told us the email she received was not from FedEx. The email is disguised with FedEx logos and even reads, “FedEx” in her inbox, but the actual email address from which the email to Peggy originated is “firstname.lastname@example.org."
Get Gephardt sent the bogus email to Panda Security, an anti-malware company. Panda Security says that this is a popular scam that seems to hit hardest during busy shopping seasons. When online shopper's inboxes are full of confirmation emails from shippers the bogus email is easily disguised.
Panda Security says that had Peggy’s internet security filter not acted her computer would have downloaded a virus that would likely have worked to steal her identity and passwords.
Thanks to her filter, Peggy didn't fall for this scam. A short time later, her package did arrive.
(Copyright 2013 Sinclair Broadcasting Group)