In the past, BBB has shared information on fraudulent email
messages claiming origination from the DHL, IRS, Western Union, Chase Bankand other financial institutions. Usually, the aim of these falsely identified messages is to steal your identity, your money, and/or infect your computer with a virus or spyware.

Today, BBB is warning businesses and consumers to be aware of an Internet scam falsely using the United Parcel Service (UPS) name. An Omaha consumer reported to BBB that she received an email stating that she had not paid an international tax on a package she had shipped to her son, who is serving in the Military in Spain.

The email informed her that she needed to pay $171 on the package. The reason stated was "under new laws any package transiting through the EU is liable to full duties payment. The sender did pay the appropriate courier fee but did not pay adequate duties on the package." The email also said that the package was going to be held in Spain until she contacted "a claims officer" to assist her with the duty payment.

The consumer was suspicious about this email from UPS, because the package she had sent went through the Military's APO mail. She stated, "I contacted the BBB because I had a feeling this was a scam, and I also wanted BBB to warn others. I know many people have loved ones overseas, serving in the Military and are sending them care packages, too."

BBB investigation found that the UPS headquarters is located at the address as stated in the email, 55 Glenlake Parkway NE, Atlanta, GA, but the contact's email, angela-ups@post.com, is not a valid address.

Another suspicious email, supposedly from UPS, was received last week at the BBB in MD., and it has been reported to the fraud department at UPS. BBB is warning that it may be lurking in your inbox too. Here is the message. The email links have been altered for safety purposes:

Dear client
Your package has arrived.
The tracking # is: 28273335EF548B17 and can be used at:
http://www.ups.com/track/track.html
The shipping invoice can be downloaded from:
http://www.ups.com/track/invoice/download.aspx?invoice_id=35F548B7

Thank you,
United Parcel Service

"These are forms of 'phishing' in which a fraudulent email takes the name of a legitimate company and is really an unauthorized action of a third party not associated with that company. Awareness and recognition of fraudulent letters, emails and 'phishing' attempts is vital to protecting yourself against theft and other related crimes," stated Jim Hegarty, BBB president and CEO.

UPS does not request payments, personal information, financial information, account numbers, IDs, passwords, or copies of invoices in an unsolicited manner through email, mail, phone, or fax or specifically in exchange for the transportation of goods or services. Although some legitimate UPS communications may come in the form of an email with an "epackage" link contained in the body of the message. These are designed to increase the protection around sensitive information, and the associated link will always start with https://epackage1.ups.com.

According to the UPS website, www.ups.com, "To be assured you are accessing an authorized UPS website, use "ups.com" or "international.ups.com" rather than a link embedded in another source."

Some common indicators listed on the UPS website that an email might be fraudulent include the following:

* Design Flaws: An email containing distorted or irregularly sized logos

* Poor Grammar: Grammatical errors and excessive use of exclamation points

* Misspellings: Incorrectly spelled words or links to altered websites (For
example, modifications or variations of the legitimate www.ups.com website
address, such as www.unitedparcelservices.com)

* Sense of Urgency: Alarming messages requesting immediate actions, such as "Your account will be suspended within 24 hours." Or "Contact us immediately to claim your parcel or prize."

* Unexpected Requests: A request attempting to obtain money, financial information (e.g. bank account or payment card numbers), or personal information in exchange for the delivery of a package or other article

* Communication Gaps: An email that does not provide an alternative method for communicating the requested information (i.e. telephone, mail, or physical locations)

* Deceptive Link: A link contained within an email that appears to direct your browser to a known, safe site but actually directs your browser to another location, potentially to an unsafe or fraudulent site. You can detect this by hovering over the link with your cursor. This causes the actual destination of the link to display in a pop-up, the lower left of your status bar, or other location depending on your e-mail client. It is suspicious if the actual destination does not match the address in the link. Also be suspicious of links containing numbers in place of letters, abbreviations, and slight misspellings in the link.