UK Amazon Kindle Forum discussion

I've been expecting a proof print copy from CreateSpace and it was late due to a postal strike, so when I got an email from the USPS saying the courier couldn't deliver a parcel and to take the attached ticket to the post office it all made sense.

I couldn't open the attachment and my neighbour said it was suspicious, so I emailed CreateSpace who assured me the email was genuine and to reply to it and ask them to send another attachment.

Duh! The attachment had a virus!!

I emailed CreateSpace again and they said sorry about the virus, the first reply was incorrect and the parcel hadn't been sent via the USPS but by another service.

Had to spend most of the day downloading software to get rid of the Trojan Horse.

ETA The original email did not come from CreateSpace, but from a spammer disguised as the USPS. It was my fault for opening it, but CreateSpace was at fault for originally telling me the spam email was genuine.

That is really bad and suggests createspace has lousy security.

Thanks for the warning, Jan!

Sounds like this should be a warning for authors, I think? Gonna pop it into the author area.

Changed the thread title, as well. Tell me if I got it wrong, please.

It wouldn't have got through Avast anti-virus checking in fact it wouldn't even have let you open it.

Don't even talk to me about avast. Memory sucking leech.

It may not have been a virus - did it do anything nasty? It may simply have been an auto-reply indicating that you had opened the attachment. These sort of things trigger anti-virus alarms. Did you disable your AV to open it? (In which case you'll not do it again!!)

And why USPS and not UPS, who receive deliveries into the UK?
Also, don't assume it came from Createspace, unless they said it did. The 'undelivered parcel' email scam has been going for years.

I've had several of these 'please print off this voucher and take it to the collection depot' type emails. As I wasn't expecting parcels I was suspicious. They are a scam and contain a virus but they are not sent by Create Space. I have never used Create Space. The scammers just send out these emails and hope to catch someone who is waiting for a parcel. I simply don't open attachments unless I'm 100% certain.

Jan was unlucky to be expecting a parcel. It was odd though that Create Space weren't on the ball.

I really, really feel for you Jan, it's awful spending your time on some so and so's scam.

Patti (baconater) wrote: "Don't even talk to me about avast. Memory sucking leech."

For everybody except Patti : I use Avast Pro. It uses 7.6Mb of 3.5Gb of spare ram memory while watching over me. I have just downloaded 4 new emails while watching my system monitor and I saw a 1% processor jump by Avast for less than a second, while Windows live mail took 12% of processing power for the same time. If you're downloading a program of Gb size it can slow the download slightly, perhaps 5 seconds out of a minute or two.

In conclusion, I haven't found it memory hungry or particularly slow. A dangerous thing to say, but not one virus or trojan has got through in the 3 years I've been using it. (I run 2 other checkers once in a while just to be sure, and they come up clean.)

I use Avast these days too.

Patti (baconater) wrote: "Changed the thread title, as well. Tell me if I got it wrong, please."

I thought the new title was a SF writing challenge, until I realised that 'Create' wasn't an order.

IObit Malware Fighter is a free download that specifically looks for trojans and similar threats. Run it once a week in the background if you're worried you might be infected.

Thanks, Pete. I have Windows Defender which comes with Windows 8 but if I needed the peace of mind of a particular malware fighter this one looks good.

Patti (baconater) wrote: "Changed the thread title, as well. Tell me if I got it wrong, please."

I changed the title as the virus did not come from CreateSpace.

The original email did not come from CreateSpace, but from a spammer disguised as the USPS. It was my fault for opening it, but CreateSpace was at fault for originally telling me the spam email was genuine.

Thanks everyone. I'm usually very careful, but as my parcel was late and I'm used to my virus protector saving me from these sort of things,(and I was anxious to get the book) I was caught off-guard. My virus protector had some parts turned off (not sure what happened) so didn't catch it. We downloaded the malware programme and found a trojan horse, which was quarantined.

The second reply from CreateSpace said that the first reply was incorrect and as I hadn't received the book they would send a replacement. However, the next day the book was at my local PO and I picked it up - after having to pay R27 customs duty!!


Today I received, via courier, a second book, so am slightly mollified.

Glad all came right in the end.

Patti (baconater) wrote: "Glad all came right in the end."

Thanks :)

In the past six months I have had three Trojans get into my computer. I've used McAfee scan and Windows Defender scan but the programme that found all three was AVG anti-virus, the free download. True, none of them stopped the Trojans getting in to begin with ....

Thanks Lydia. How did you know you had a Trojan?

Anna wrote: "Thanks, Pete. I have Windows Defender which comes with Windows 8 but if I needed the peace of mind of a particular malware fighter this one looks good."

I'm afraid I don't use anything emanating from Microsoft, except the Windows operating system. Windows stuff is the first thing the hackers learn to get around because they know many people rely only on that as a defence.

Glad you got the problem sorted.

I haven't had a problem, Pete. I simply ignore anything that doesn't look quite right and that seems to work well. It's Jan who had the bad time.

Interesting to hear what you say about Windows. I suppose I should get additional defence.

I get at least 5 or 6 of these "pay this invoice/open this file/etc" every day, so they just go straight in the bin with little or no consideration (don't ever send me a file without warning me first, cos the same thing'll happen)

Having said that, I also suffered from missing CreateSpace proofs. I contacted them by email and they just said they'd send replacements by express delivery, which they did. (I think there must have been someone yelling "hold the plane!" - they were printed on the 22nd, and I had them on the 25th!)

Safety tips: Don't open emails if
-the header is blank
-there are weird characters within the text
-its an advert you're not interested in
-it's saying you've won something and you haven't even entered any draws etc.
-it's from a bank or financial institution you don't belong to

NEVER click a link in an email claiming to be from your bank, or paypal or any other of your financial set-ups. Go to your normal web banking page instead and if there's anything from them there will be a message waiting for you.

If you get pestered by a deluge of unwanted emails you can do the following:
Right click on the message without opening it - scroll down to 'Junk email' - click on 'add senders domain to blocked senders list'. Do the same for 'add senders name...' Then move the file to junk folder, and delete it. After a few weeks the emails may begin to tail off.

'Phishing' emails, if they get through your AV and you open the email to read it, send back a message that they've caught a live viewer - a potential gullible victim. Your email address is immediately sold to thousands of cold-calling vendors worldwide.

Unsolicited online competitions have as their main purpose the capture of email addresses and any other info you give them. Do you really need a 1-in-20 million chance of winning a £200 TV enough to surrender personal data?

Always remember to untick the boxes so as to refuse consent to your particulars being sent to 'partner firms' when making purchases online. Partner firms means anyone who is prepared to pay for the data.

In general : If you're the slightest bit suspicious, don't do it. Don't open it. The world already knows where you live, what you eat, what books you read, what car you drive, probably how much you earn, your marital status etc. Don't lose your privacy as well.

Oh ,and the same goes for phone calls purportedly from banks. NEVER give any information, Say you'll call them back, then call your bank on a DIFFERENT phone to see if they want to speak to you. (Crooks will keep the connection open after they speak to you, intercept your call to the bank and continue the deception.)