Attention online holiday shoppers! Phishing attacks peak during the holidays. Beware.

There’s many creative and carefully crafted phishing emails being sent out by cyber criminals this 2018 holiday season starting right before Black Friday and Cyber Monday. We’re taking a close look at some popular variations and reminding you not to click on any links, no matter how credible and urgent these emails appear.

email spam


EXAMPLE 1 “USPS Delivery Failed” phishing email

Cybercriminals are posing as the U.S. Postal Service targeting consumers with phishing emails claiming packages are undeliverable. Next, potential victims, click on the fake tracking numbers that can download malicious software to their computers.

This malicious software could possibly include ransomware, which will freeze your computer, making it useless until a large sum of money is paid to the cybercriminal. Another possible malicious software can be spyware, which tracks all your computer activity including stealing your personal and financial information.

Be on the lookout for suspicious looking emails disguised as reputable delivery companies such as FEDEX, USPS, DHL, UPS, etc.

These email may appear to look very authentic, including company logos, fake tracking numbers, or even bar codes.

Subject line example: “USPS Deliver Failed for parcel #59838769273762876″

Dear [EMAIL], hereby we notify you that your delivery tracking #650087 has FAILED to be delivered at the destination address. To claim your package or initiate a new delivery attempt please use the attached document.

Feel free to contact us with any further questions.

Call us
Call 1-800-ASK-USPS® (800-275-8777)
M-F – 8:00am-8:30pm ET
Sat – 8:00am-6:00pm ET
Sun/Holidays* – Closed

USPS Delivery Failed email



EXAMPLE 2 “Fake Order Confirmation” phishing email

amazon phish

Shopping online? Many cybercriminals are also creating phony online order confirmation emails claiming to be from big retailers like Target, Wal-Mart, Costco, Home Depot, Amazon, etc. They may also include logos from the companies and appear realistic.

You may receive phishing emails disguised as a major retailer with a subject line such as:

  • “Thank you for your order”
  • “Order Confirmation”
  • “Thank you for ordering from [company name]”
  • “Order Status”

EXAMPLE 3 “Paypal Unusual Activity” phishing email

Sure, with all the online shopping you’ve been doing, perhaps you used PayPal. However, when hovering over the link, you’ll see it’s not going to PayPal. Don’t click! “Urgent” Emails such as this one rely on you to take immediate action, therefore you’re less likely to take your time and closely examine the email.

paypal scam

Therefore, if you happen to receive a spam message similar to the examples above, it’s strongly recommended that you:

  • Do NOT download or open any attached files.
  • Do NOT click on any links
  • Delete the email immediately.


Our recommendation for email security:

Proofpoint Essentials – The #1 Cloud based email security solution. Filter your emails in the cloud before they enter your network!

Email threats are constantly evolving. Are your defenses?

Proofpoint Advanced Email Security is a complete solution for email threats and continuity. No other email defense protects you against a broader range of advanced email threats, such as holiday spam mentioned here.


phishing email





Sign up for our FREE email newsletter
so you don't miss out on any of our great content!

You have Successfully Subscribed!