Just a quick and hopefully helpful blog post to help you know what to look for in emails that you believe are suspicious and maybe malicious in nature.
For this email it states that it's from USPS.com and regarding delivery a package where they're suggesting money may be due upon receipt or before they will finalize getting the package to you.
- The "Friendly Name" of the email address says "USPS" but if you look at the actual email address you'll notice the actual email address is [email protected] via palmbeachpools.com. Doesn't really look like an email address that would be coming from the USPS right? There's your first clue. Also, it says "via palmbeachpools.com", which is stating what email server sent the email.
Now I'm sure the owners of palmbeachpools.com are upstanding citizens in their community, but pretty certain they're not letting the USPS.com use their email servers as a business decision or gesture of good will.
- Looking at the general content of the email, things look like they could be legitimate. However, if you hover over the button link in the email they're wanting you to click on, you'll see they're directing you to that palmbeachpools.com website again and into a suspicious looking directory that's probably been hacked on their server and contains code that will do the malicious things they've designed this email to instigate.
As a general warning, don't click on things in emails received that you're not expecting to receive. Even if it appears to have come from a legitimate source. Do a couple of quick checks on things like this and make sure there's nothing that looks suspicious. I personally never click on an attachment in an email that I didn't specifically ask to have sent to me by someone that I'm expecting, so that's a pretty good tip too if you're prone to fall for this kind of stuff.