Stock image of  hands holding live electric cables

Fake UPS Email Leads to…Nikola Tesla and Bifilar Coils?!

There’s a fantastic anecdote regarding Nikola Tesla doing the rounds at the moment in relation to him paying for a hotel room with a mysterious boxed model of his “death beam” (don’t call it a death ray or you’ll make him mad!)

As it turns out, the subject of Tesla and odd box-shaped parcels takes a weirdly relevant turn as our spam traps pick up the latest in a long line of UPS delivery themed fake mails.

In cases such as these, the recipient is told to click a link and finalise a package delivery; the URL invariably leads to malware.

In this case, the email – which contains five separate URLs – takes eager clickers to a webpage which claims to give you a cheap source of electricity, based on the work of Mr Tesla.

No, really.

Fake UPS Mail

The email reads as follows:

Your UPS Package #0094884 has shipped!‏

Your UPS Order needs Urgent Attention

Order # 002-8382487-1239231472 View order details UPS Email: ORDER PLACED: June 03 2015. SHIP TO: View order details ORDER STATUS: NOT CONFIRMED

The email links all contain the following URL:

pinky(dot)proudadmire(dot)com/[redacted]

From there, an eager clicker will be redirected to

power-innovator(dot)org

Tesla site

The Tesla invention in question is this “Tesla coil for electro-magnets”, AKA the Bifilar Coil, referred to as the “Bifilar Pancake Coil” on the website.

For $69 dollars (or $49, if you get the discount at ordering) you receive what looks like a DVD, book, “surprise bonus” and a list of parts needed to build your own slice of Tesla action.

The last science experiment I took part in involved a perpetual motion machine, a bathtub and a collection of flames so I’m probably not the best person to ask for advice in terms of whether Tesla’s patent will save you some money.

However, I’m very confident where advising you not to take random UPS emails at face value is concerned. Even if you have ordered something recently and are expecting emails, you should always visit the website of the delivery company in question to track your order.

Many delivery firms will also send an SMS to your mobile – if there’s any mismatch between that and an email you receive out of the blue then there’s a further red flag for the taking. If in doubt, email or call – many fake delivery mails will send you to exploit kits along the more typical attacks so it pays to be cautious.

Now if you’ll excuse me, that perpetual motion engine is just about ready for Round 2…

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.