TransWikia.com

Message about shipment delivered to drop point but I didn't order anything

Personal Finance & Money Asked on January 24, 2021

I received a message that my shipment arrived to its drop point. I’m a 17 years old student and don’t even have a bank account. I didn’t order anything. I already clicked the link they said it’s bad. What should I do? Is it phishing?

  • How did they get my info?

  • Should I be worried?

6 Answers

This can be a scam or virus attack. As you haven't given any info you are OK. Run a virus scan just to be sure.

There are multiple ways to get email addresses, it in itself is not much of worry. Just stay vigilant

Answered by Dheer on January 24, 2021

This sounds very much like spam to trick you into clicking that link or, once you contacted them, to get money from you (i.e. "You need to pay the shipping fee. I don't care if you ordered it or not, I got this article and should send it to you. If you want your money back afterwards, contact ..." - Money gone).

There are many emails around that claim you ordered something, made a payment that needs to be reversed, your bank needs your details and so on...

  1. Do not click any links in suspicius emails. They may lead you to sites looking exactly like the real ones to trick you into entering your credentials. Or sites containing viruses or any other malware.
  2. Don't believe it if you don't know for sure.
  3. Do never ever ever send any private information (name, bank information including account number, address) to someone you don't know is trustworthy.
  4. Do never ever open attachments if you're not 100% sure you know what it is. Once a program gets to execute (by a .exe file or a macro in a word document) it has full control over your system. It can then load additional files and do whatever it wants. Look up "Ransomware".

If a random stranger with a suit would walk up to you on the streets and ask you to sign some mysterious contract or give all of your personal data so he can send you money, would you do it? I hope not.

There are current viruses that read emails from infected system and improve the fake emails they send. These emails look very very real and might even trick experienced users to click links or open attachments.

And to answer your 2 questions:

  • How did they get my info: If they got your name, they got it from the email itself ([email protected]), got your email from social sites where you openly show this information or just guessed. I guess the drop point isn't even anywhere near you.
  • Should I be worried: No need to worry, I'm sure you get much more of these emails these days, but most of them are already removed by a default spam filter of the mail provider you use.

Answered by Chrᴉz supports Monica on January 24, 2021

How did they get my info?

Here are the most popular for spammers to get e-mail addresses:

  • Collect them from a web subscription / account registration of any internet service or buy them from someone who runs such a service.

  • Read the address book of hacked accounts.

  • Randomly try to "guess" valid mail addresses.

Should I be worried?

About getting the spam-mail: No, get used to it, your address is now on the list and will be sold on and on!

About clicking the Link: A little. As others have said, probably best to run a virus scan.

Future Advice: Never click on any links or open any attachments in your e-mail if you do not know they are legit 100%. When you get mail from a service like paypal/amazon/parcel service/whatever prompting you to log in you can always just go to their website directly and not use the link provided.

Answered by Daniel on January 24, 2021

ALL they have is your email address.

The purpose of the email was to make you click the link, which you did.

The link tried to plant malware on your computer. Either it just succeeded without presenting any visible content... or your computer was immune to that malware (patched; different platform)... or the authorities have already taken the server down.

Another possibility is the page would've asked you to willingly input your personal information that they could use in scams... but the authorities took it down, or the server saw your IP address was not in the region they are targeting with scams.

How did they get your email?

There are a million ways to get email addresses. Hacking any other site you've ever registered on... published lists of known addresses (from previous hacks)... running fake "contests" that invite visitors to enter their email... hacking someone you sent email to... getting that person to willingly allow a scan of their address book (as Linkedin and Facebook request)... hacking a site that does that... you name it.

But there's an even easier way. Guess.

  • Remember those published email lists I mentioned? Try every "name" on every "domain". Someone in the last 30 years had noobmaster123 @ aol.com. OK, so try noobmaster123 @ gmail.com, mail.com, outlook.com, yahoo.com etc.
  • Many emails are just two dictionary words pushed together. Try every dictionary word with every dictionary word.
  • Take every name in every phone book and try JohnDoe, John.Doe, John_Doe etc.
  • Many are words or names with some numbers. If noobmaster123 exists, try noobmaster0 through noobmaster99999.

If you're thinking "that's billions of combinations", yeah, but that's doable.

Answered by Harper - Reinstate Monica on January 24, 2021

Another possibility: If you have a relatively common name (and subsequently email address), or even if you don't, it's perfectly normal to get emails addressed to someone else who mistyped their address when ordering something.

I too have mistyped my email address when ordering stuff online and I'm pretty sure there was an unfortunate soul that got the status reports on delivery of some of my books and whatnots. Ignore those messages (or look up the shop on google).

Assuming of course it was one of the standard fares informing you that "DHL delivered your parcel to PPL drop off point. If this message is not addressed to you click here" affairs.

Answered by mishan on January 24, 2021

You received a message that was foremost designed to get your attention, and it did that successfully. But look at the message: Is there any indication that they know you, beyond knowing your email address, or guessing a phone number if you received it via text message? That’s the best indication that it’s not real.

As an example, my wife received a really nasty email claiming that she had parked her car in the wrong place and she would be fined. She was quite upset until I asked her: Do they mention your name anywhere? Do they mention the license number of your car anywhere, or the make of your car? If it was real the email would have said “Dear Mrs. Gnasher, you parked your orange VW Beetle with license number A123XYZ...”.

Please check, but I’ll bet there is no evidence that they know who you are. There may be links in your email leading to malware to infect your computer, so don’t click anywhere, or they gave a phone number which they want you to call, and either you will be charged for calling the number, or an experienced conman will try to convince you to hand over money.

Answered by gnasher729 on January 24, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP