Skip to content
Naked Security Naked Security

Advent tip #21: Bought online? Watch out for bogus courier emails!

Will that last-minute gift get delivered in time? Don't be tempted by emails that say they're from a courier company that couldn't deliver.

If you’ve been doing any last-minute online shopping for Christmas gifts, you may well be waiting with increasing anxiety for the items to be be delivered.

So, don’t let your guard down when it comes to emails claiming to be from couriers.

The trick usually goes like this: the courier company tried to deliver your parcel, but no one was home, or the address wasn’t correct, or something like that.

You need to contact the couriers to check out the details and make arrangements so the delivery can be completed.

If you happen to be expecting a delivery, the email may seem perfectly well-timed…

…and, to help you out, there’ll be a web link or an attachment in the email that you can click or open to sort things out.

Even if the email doesn’t look quite right – for example, because it contains bad English, or mentions a courier company you don’t usually use – it’s still tempting to click through or open up the document, just in case.

After all, if the site turns out to be bogus, or the document to be fraudulent, you don’t have to take things any further.

Except that by then it could be too late.

Booby-trapped documents that infect your computer simply through opening them are an increasingly common weapon in the cybercrime armoury.

So too are web pages loaded with so-called exploit kits that fire off a sequence of attacks on your browser while you’re distracted by the rest of the page.

If in doubt, look up the courier company’s phone number yourself (don’t use the number in the email!) and give them a ring.

💡 LEARN MORE – The danger of booby-trapped Office attachments ►

💡 LEARN MORE – A real-world “courier delivery” scam that foisted malware on Mac users ►

💡 LEARN MORE – How exploit kits attack your browser ►

Images of Christmas tree and Advent calendar courtesy of Shutterstock.


NOOOO, you converted to now all I see is misaligned text. Why god why do people NOT host their own content, bandwidth is not that expensive… I will miss you all, and the news too. It also makes managing webfilters a pain in the arse.


We’ve been using VIP right since the start of Naked Security more than five years ago.

Methinks your “misaligned text” (what does that even mean?) may have another cause.


1) Re [“misaligned text” (what does that even mean?)], it’s probably badly written or badly interpreted CSS playing havoc with the OP’s text layout.
2) Re sketchy emails: I try, when I just *must* see what’s going on, either to “view Source” (to see the actual MIME code transmitted), or to open th email in the WAO browser of an ancient 20th century feature phone that will display only the text bits of the message. Either way, I’ll see whether its realy writing or rather or the like :-) . That also lets me, for example, forward to spoof at paypal dot com the phish I get from paypa1 or from paypaI (for which the real paypal unhesitatingly always thanks me most profusely) without endangering my real computer.


I work for a public agency and we receive these phishing e-mails regularly. I guess the fact that you can use some bot/spyder to find every available e-mail address and then send the scam to all 1M+ of them, it’s likely some recipient is likely to fall for it.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!