Mail Security Chain of Custody: How to Inspect Large Boxes

Large Boxes Chain of Custody.

Cody Martin, RaySecur Director of Mail Security, explains the best ways to inspect large packages that don’t fit in the traditional USPS drop boxes.

With Cody’s experience as a former US Postal Inspector, his recommendations on how to inspect for larger boxes are invaluable.

In this interview, Cody discusses the inspection and handling of large mail items items which don’t fit in USPS drop boxes or arrive through different mail streams.

Cody Martin.

Cody Martin

Director of Mail Security & SOP Team Lead

Cody Martin had over 12 years of experience as a Federal Agent with the U.S. Postal Inspection Service, and several additional years as a mail security consultant.

  • USPIS Dangerous Mail Specialist & Instructor
  • Co-created USPIS IED Program for National Headquarters
  • Investigator on high-profile / VIP cases
  • Screened mail for the NFL, NBA, President George W. Bush (ret.)
  • First responder to hundreds of incidents

State of Mail Security Report

Download RaySecur’s analysis of trends from the known dangerous mail incidents.

Annual Report Book md.

In this 15-page report, RaySecur CSO WiIl Plummer analyzes the state of mail security, and what it means for security teams.

Visual Inspection

Before touching or interacting with the package, perform a quick look for any obvious external indicators on the package.

Visual Mail Inpsection.

Look for anything abnormal

  • Excessive tape or packaging
  • Stains or pooling in a corner
  • Restrictive markings
  • Powder leaking out from seams

These are things that you can see just by doing a quick visual scan, without ever having to interact with the package.

If we can catch those ahead of time, that’s a perfect scenario, where we don’t have to physically touch and interact with it anymore. We can escalate to that next level.

Start out with that quick visual scan, prior to physically interacting with the package itself.

Tactile Inspection

Certain indicators can be difficult to see, especially when performing only a quick visual scan. Follow the visual with a tactile inspection.

Reduce Risk of Mail/Package Coronavirus Contact.

Tactile can detect what visual misses

Excessive tape can be difficult to see. Once you “go hands-on” with a package, you can feel excessive packaging fairly easily.

“Why are there so many layers of tape on this package? It doesn’t make sense.”

If it’s lopsided when you pick it up, is there a lot of weight concentrated on one end of the package that just feels out of the norm?

Humans are great change detectors. We know when something doesn’t feel “right.” So if it reaches that level, you may want to look closer.

Suspicious Package.

Obvious threat indicators

Protruding wires or things of that nature are obvious threat indicators.

In some cases, malicious senders include a failsafe built in their IED. The failsafe ensures their safety while constructing or packaging their device.

If you notice any such indicators during physical inspection, escalate the incident through the proper channel.

Chain of Custody Verification

Once visual and tactile inspections are complete, turn your attention to chain of custody verification.

Verify Chain of Custody Scan Label.

More detailed visual inspection

Look at the provided information regarding the sender, addressee/recipient, and postage.

  • Do any appear unusual?
  • Is sender information provided?
  • If so, does the sender appear fictional?
  • Addressed only to a title, such as CEO?
  • Are there restrictive markings, such as “confidential” or “for CEO’s eyes only?”

If you see these types of things, we recommend placing a phone call whoever is listed as the addressee, to ask if they’re expecting mail from this sender.

Depending on their answer, you can make a decision on next steps. You can dismiss a lot of suspicious-looking packages with that quick phone call.

Fewer Threats in Large Deliveries

Many clients want to scan larger boxes. They believe that larger boxes represent larger possible threats.

But is that valid, based on historical evidence?

USPS Blue Mail Boxes.

Threats are more common in smaller packages

History tells us that threats are far more common in smaller letters, flat mail, and smaller packages.

These items can be introduced into the mail stream anonymously, which makes them an attractive avenue for perpetrators.

The requirements for sending mail via a blue USPS collection box are half an inch thick and less than 10 ounces.

For the cost of a few USPS stamps, anyone can drop a small threat package into a blue collection box and it’s on its way. That’s an easy method for somebody with bad intentions to get something to someone with very little interaction.

Last Mile Mail Threat.

Larger packages aren’t anonymous

If the package is larger than that, customers are forced to a Post Office counter or kiosk. Here there will be some sort of financial transaction which will link back to them.

That arrangement is an intentional and successful deterrent. Pipe bombs or explosives are going to be in larger packages—in excess of that half-inch requirement.

Narcotics can be introduced this way. Even if it’s a small amount of drugs, senders are concerned about getting caught—they want to avoid detection.

Many such packages include multiple layers of wrapping and packaging material, which often exceed a half inch.

Then you have just your standard prohibited items that may be legal, but they’re not allowed within the organization.

Whatever that may be: firearms, ammunition, knives—maybe someone ordering wine online.

Nothing is impossible. Don’t get complacent!

State of Mail Security Report

Download RaySecur’s analysis of trends from the known dangerous mail incidents.

Annual Report Book md.

In this 15-page report, RaySecur CSO WiIl Plummer analyzes the state of mail security, and what it means for security teams.