At a time of year when many people all over the world are expecting packages to arrive from courier firms such as UPS, FedEx and DHL, spammers are sending fake failed delivery notifications, ostensibly from these legitimate courier companies. Contained within the body of the emails are executable files disguised as Word documents, which the recipients are invited to open in order to arrange a convenient delivery time. The executable files install keylogging software that records every single keystroke typed on the computer on which it resides.

Recipients of emails purporting to be from reputable courier firms are urged to contact the firms in question before opening any files included in these messages. Should you go ahead and click on a file that turns out to contain malware, you run the risk of having your computer’s security seriously compromised. Once installed, keyloggers can record usernames and passwords that you type into your web browser when accessing email accounts, online shopping sites, payment sites such as PayPal, and even Internet banking services.

The potential for financial loss is clear, which is why it is vital to heed the advice given by industry experts to always err on the side of caution when opening emails that appear to have been sent from well-known courier companies. As the festive season approaches, such emails are likely to become more common so if you want to make sure that you really do have a Merry Christmas and a Happy New Year, be on your guard.