Royal Mail Email Scam

The following message has been sent through by Essex Community Messaging:

A scam email is currently being sent to victims fraudulently claiming to be from the Royal Mail.

The attachment on this email is known to infect the victim’s computer with CryptoLocker ransomware.

One of two email types have been received by the victims, both stating that the Royal Mail are holding an item for the victim and that a response to the email is required to arrange for the item to be resent/collected.

Email Type 1: Email states that they are holding a letter and there will be a £5 per day charge if the letter is not collected. It then instructs the victim to click on a link to get the letter resent. From here the ransomware infects the victims system.

Email Type 2: Email states that a parcel could not be delivered and that it is waiting for collection. A link on the email is provided for further information. The link takes the victim to a page that appears to be part of the Royal Mail website where victims are requested to enter a code (believed to have been in the original email). Once the code has been entered the victim is instructed to download an application, this application downloads the ransomware.

The ransomware encrypts files on the victim’s system and a window appears requesting a payment, to be made in Bitcoins, to decrypt the files. There is further incentive for early payment as the ransom states that the cost of decrypting the files will increase the longer the fine is outstanding.

Victims are asked to pay around £300-£360 initially, rising to £600-£660 if not paid within a period of time. Although primarily individuals, victims have also also included a number of businesses.

Protection Advice

Essex Police advises that members of the public and businesses should take the following steps to reduce the potential for falling victim to this type of malware:

1. Look at who the email is addressed to; is it generic or specifically addressed?
2. Look at the quality of the images included on the email. Are they of sufficient high quality that they could come from Royal Mail?
3. Do not open attachments from unsolicited emails regardless of who they are from.
4. Do not click on the link supplied. Instead, go to the relevant website and log in from there.
5. Check the address of any email received to see if it appears legitimate.
6. Additional information regarding Royal Mail on-line security can be found here: