This message seems to be a scam

Opensuse 12.3
Chromium 37.0.2062

I use fastmail.fm within Chromium for my mail and I got this message which looks legitimate.

[CODE

]

http://i62.tinypic.com/ne6su8.png

I am expecting a package containing sensitive material so I was eager to try and get it.
However when I click on the "print shipping label" link I get this:

You have exceeded the maximum number of downloads allowed for your IP. Please try again later.

Very odd and as I dug deeper I saw part of the "from" address was 

from=veintreatment.com.au

This disturbs me to no end and I want to complain to somebody but I don't know who.
It seems like someone is trying to scam using the USPS and I hope that it becomes a Federal crime and that they nail the bastitches.

Anyhow, does it look like a scam to y'all and who do I tell about it ?

Thanks

I do not want to downplay your concern, but I do not see how anything technical on the Network side of openSUSE can help you. When you want o share this experience this with other openSUSE users, the General Chitchat seems to be a better sub-forum to me.
And of ourse that USPS (whatever that is) seems the first to contact when you think people are misusing their website/identiy.

It is also not clear what you mean by “Federal law” and about what federation that is about.

USPS is the United States Postal Service and there can be serious consequences if you “mess around” with the mail.

Well, I really didn’t know where to post this or if it even was proper to be posted here. I guess that I always come here when I have a puzzling computer issue especially one with potentially national implications.

I guess that I was hoping that the folks here could point me in the right direction.
I had forgotten that there would be international users reading my message and as such, it would be a non issue to them. For me, it’s a big deal.

I already contacted the email provider, att.net and I am waiting to see what they say.
I am avoiding contacting the USPS since it is a typical governmental bureaucracy. I think that eventually I will need to notify them and I will do that as soon as I can get a reliable contact point.

If you think that it doesn’t belong here then feel free to remove it.

On 2014-10-04 12:46, hextejas wrote:
>
> Opensuse 12.3
> Chromium 37.0.2062
>
> I use fastmail.fm within Chromium for my mail and I got this message
> which looks legitimate.

Not to me. I have seen them before, or similar, for that or another
parcel services.

Your web-mail provider spam/phising filters should have detected it and
avoided you the nuisance. They are to blame.

> However when I click on the “print shipping label” link I get this:
>
> Code:
> --------------------
> You have exceeded the maximum number of downloads allowed for your IP. Please try again later.
> --------------------

Let me guess: that was a popup from “fastmail.fm”?
My guess is that the error message you got was the wrong one. Typically
the “print” button in those emails tries to run a Windows executable
file, that is in fact a Trojan and infects you. And I guess that
“fastmail.fm” blocked it with the wrong message.

(Henk: that part can be a proper issue for this forum )

But, as I hope that you are using Linux, it is a non issue.

If instead of using webmail you were using a local client mail setup in
Linux, using tools like amavis and/or spamassassin, that mail could have
been detected and blocked.

(and that can also be a subject for this forum )

> Very odd and as I dug deeper I saw part of the “from” address was
>
> Code:
> --------------------
> from=veintreatment.com.au
> --------------------

Google says they are a “Varicose Vein Clinic” at Brisbane. Probably
innocent, and someone sent the email faking the address. Welcome to
Internet.

> This disturbs me to no end and I want to complain to somebody but I don’t
> know who.
> It seems like someone is trying to scam using the USPS and I hope that it
> becomes a Federal crime and that they nail the bastitches.

I guess that you are at the USA

don’t worry, I guessed, I read the other posts, and I’m not
offended at all

No, I don’t think they can do anything, or not reasonably, besides
cramping and censoring Internet. There are all sorts of scams in
Internet, and everybody is in danger, even experienced people. I nearly
fell once, recently (a friend managed to make me believe our chat group
had been intervened by the government. Targeted social engineering, aka
practical joke)

You have to be watchful and wary. If in doubt, ask around. Google, too.

About federal crimes, from the little I know from your law (mostly from
movies ), messing with your postal service may be a crime, but they
didn’t actually send anything by post. And the post might have been sent
from anywhere in the world: you have to carefully look at the internal
headers to get a better clue.

But, now that I think, UPS could do way more: they could send
cryptographically authenticated email. Almost nobody does. None that I
make business with does, AFAIK. So yes, they are to blame, too.

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

To me it seems to be a problem (as so many) with Internet usage and crime. But that is of course not specific to one single country. So I do not say it is not an issue to people using the Internet from different countries. But you make it difficult to assess that, by assuming that your audience are all citizens from the country you happen to live in. And that is certainly not the case. And we do not even know what that country is, because you never filled in the Location filed in your personal settings in these forums. You are of course free to leave it blank, but that means that you have to explain that in your thread when it matters.

I doubt that openSUSE > Get Technical Help Here > Network/Internet is something to discuss something “… with potentially national implications”. From whatever nation. My idea is that it better fits in General Chitchat and even then we should be carefull that “national implication” does not expand into politics, because politics are not allowed on these forums.

obviously USPS is not going to use a domain such as veintreatment.com.au it will not even use an australian server, so this is clearly faudulent.
if you wish to report it here is a website that can be very useful.
http://www.stopfraud.gov/report.html

also, the incorrect use of language and the constant grammatical errors are indicators that whoever wrote this was not a native english speaker.
I would report it to USPS and to the stopfraud site.

Does the postal service even know your email address? If not, then this should be seen as obviously a scam.

On 2014-10-04 15:36, hcvv wrote:
>
> hextejas;2667842 Wrote:
>>
>> I had forgotten that there would be international users reading my
>> message and as such, it would be a non issue to them. For me, it’s a big
>> deal.
>>
> To me it seems to be a problem (as so many) with Internet usage and
> crime. But that is of course not specific to one single country. So I do
> not say it is not an issue to people using the Internet from different
> countries. But you make it difficult to assess that, by assuming that
> your audience are all citizens from the country you happen to live in.

I guessed

This type of scam is “popular”, and you get hits on many parcel
services. And banks, and whatever. If the scam mail happens to fake a
service that you really use, the chances of falling for it increase. And
if you are waiting for an email from them, then you can very well fall.

So chances played all against hextejas this time.

He was lucky not to be using Windows, or he could have been infected by
the payload trojan.

But we can help get him a local mail setup, in Linux, that does at least
some filtering and avoids some nuisances

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

On 2014-10-04 14:36, hextejas wrote:
>
> USPS is the United States Postal Service and there can be serious
> consequences if you “mess around” with the mail.

Look, some examples on my box:

1 11-04-09 09:08 US Delivery.service             (13K) ***INFECTED*** US Parcel Delivery service
+     3 11-11-11 16:51 DHL Express                    (276K) ***INFECTED*** Re: DHL Parcel Tracking Notification 097325136914554
+     4 11-12-06 09:06 Adobe Update Notification      (280K) ***INFECTED*** Adobe Acrobat: Upgrade Needed, Tue, 6 Dec 2011 09:06:08 -0500
5 12-01-09 12:32 Federal Deposit Insurance Com  (310K) ***INFECTED*** FDIC: About your business account TFI4WKG56858
+ N   6 12-01-17 09:27 DHL International              (244K) ***INFECTED*** DHL Tracking Notification ID 009211629497427249255
+     7 12-01-17 17:26 DHL International              (243K) ***INFECTED*** DHL Parcel Tracking Notification 20101779191618305
+     8 12-01-17 11:22 DHL International              (244K) ***INFECTED*** DHL Delivery Notification Message K3ZJLLQ6L8R369Q2M
+     9 12-01-23 15:16 UPS Quantum View               (271K) ***INFECTED*** UPS Delivery Confirmation Alert
+    10 12-06-13 17:03 Correos                        (102K) ***INFECTED*** Recoja su paquete postal ID14760
+    11 12-09-25 07:20 Correos                         (55K) ***INFECTED*** Error en la direccion de envio ID68857
12 13-11-05 11:59 noreply@hmrc.gov.uk             (22K) ***INFECTED*** You have received new messages from HMRC

Several of them are post office scams, targeted to different countries, that someone thought I might use.
As you see, all those were catched by my local mail security setup

(yes, they contain virii)

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

Carlos E. R. wrote:

> On 2014-10-04 12:46, hextejas wrote:
>>
>> Opensuse 12.3
>> Chromium 37.0.2062
>>
>> I use fastmail.fm within Chromium for my mail and I got this message
>> which looks legitimate.
>
> Not to me. I have seen them before, or similar, for that or another
> parcel services.
>
> Your web-mail provider spam/phising filters should have detected it
> and avoided you the nuisance. They are to blame.
>
>
>> However when I click on the “print shipping label” link I get this:
>>
>> Code:
>> --------------------
>> You have exceeded the maximum number of downloads allowed for your
>> IP. Please try again later. --------------------
>
> Let me guess: that was a popup from “fastmail.fm”?
> My guess is that the error message you got was the wrong one.
> Typically the “print” button in those emails tries to run a Windows
> executable file, that is in fact a Trojan and infects you. And I guess
> that “fastmail.fm” blocked it with the wrong message.
>
> (Henk: that part can be a proper issue for this forum )
>
> But, as I hope that you are using Linux, it is a non issue.
>
> If instead of using webmail you were using a local client mail setup
> in Linux, using tools like amavis and/or spam assassin, that mail
could
> have been detected and blocked.
>
> (and that can also be a subject for this forum )
>
>
>> Very odd and as I dug deeper I saw part of the “from” address was
>>
>> Code:
>> --------------------
>> from=veintreatment.com.au
>> --------------------
>
> Google says they are a “Varicose Vein Clinic” at Brisbane. Probably
> innocent, and someone sent the email faking the address. Welcome to
> Internet.
>
>
>> This disturbs me to no end and I want to complain to somebody but I
>> don’t know who.
>> It seems like someone is trying to scam using the USPS and I hope
>> that it becomes a Federal crime and that they nail the bastitches.
>
> I guess that you are at the USA
>
> don’t worry, I guessed, I read the other posts, and I’m not
> offended at all
>
> No, I don’t think they can do anything, or not reasonably, besides
> cramping and censoring Internet. There are all sorts of scams in
> Internet, and everybody is in danger, even experienced people. I
> nearly fell once, recently (a friend managed to make me believe our
> chat group had been intervened by the government. Targeted social
> engineering, aka practical joke)
>
> You have to be watchful and wary. If in doubt, ask around. Google,
> too.
>
>
> About federal crimes, from the little I know from your law (mostly
> from movies ), messing with your postal service may be a crime,
> but they didn’t actually send anything by post. And the post might
> have been sent from anywhere in the world: you have to carefully look
> at the internal headers to get a better clue.
>
>
> But, now that I think, UPS could do way more: they could send
> cryptographically authenticated email. Almost nobody does. None that I
> make business with does, AFAIK. So yes, they are to blame, too.

Also it is very hard to get anything done about these if the come from a
different country. The US Government has no authority in those
countries. I have found you can report them in some states (Washington
State for example)to the state Attorney Generals Office and if the they
originated in US, get something down. Outside US forget it and run spam-
assassin if your ISP does not do filtering.

Russ

openSUSE 13.1(Linux 3.11.10-21-desktop x86_64|
Intel(R) Quad Core™ i5-4440 CPU @ 3.10GHz|8GB DDR3|
GeForce 8400GS (NVIDIA-Linux-x86_64-340.32)|KDE 4.14.1

On 2014-10-04 17:18, upscope wrote:

> and run spam-
> assassin if your ISP does not do filtering.

I much prefer they don’t do any filtering, so that I can run my own.
Sometimes they are too aggressive and delete or reject bona-fide email
that I do want.

Or at least, that it can be disabled. Gmail does a reasonable job,
allowing you to tune it. My ISP does not. None can be (reasonably)
contacted.

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

On 2014-10-04 15:56, nrickert wrote:

> Does the postal service even know your email address?

I believe so. He was waiting for a message from them, and he thought
this was the one.

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

And so where is this detailed instruction list?
(Says Bart, who is quietly lurking and thinking it could be a good move for him too!)

On 2014-10-07 14:06, montana suse user wrote:
>
> robin_listas;2667858 Wrote:

>> But we can help get him a local mail setup, in Linux, that does at least
>> some filtering and avoids some nuisances

> And so where is this detailed instruction list?
> (Says Bart, who is quietly lurking and thinking it could be a good move
> for him too!)

I don’t know of such a list. Many howtos and knowhow on Internet.

You can setup Thunderbird instead of a web mail. It does some filtering.

Or you can do a full setup, traditional unix style: fetchmail, procmail,
possibly postfix, amavis, spamassassin, possibly clamav.

–
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)