Mail Threat Alert: August, 2020

Mail Threat Alert: Aug, 2020.

August, 2020 was an interesting month in the world of mail threat data tracking. Higher than normal low-probability events and the continuation of everyday threats.

These events targeted everything from corporate America to individual residences. The threats ranged from extortion and intimidation to targeting individuals with caustic substances.

The events highlighted here are not all-inclusive for the month but are intended to provide a summary and a lens into the current situation.

Subscribe to Threat Alerts

Join our community of experts and receive intelligence reports on mail security. We regularly send real-time mailroom threat incidents.

Find out what is happening near you, so you can respond quickly.


August 2020 Mail Threats

Below, we highlight a few incidents from Aug, 2020 that provide a window into what we can expect to become the new norm.

These are not new “threats.” They are, however, presented in a new light, which we can use to plan for the future of mail security.

As always, we invite our readers to join our community of experts and sign up for our regular intelligence reports on mail security.


Aug, 2020 Mail Threat Alert #1: BBB Scamtracker.

Mystery Seeds — Nationwide

“Companies, usually foreign and third-party sellers, will send items by using a person’s address and Amazon information to make it look as though that person wrote a positive online review of their merchandise and that the resident is a verified buyer of such merchandise.

The company would then post a fake, positive review to improve the ratings of its products, which will help it get legitimate sales, resulting in better profits for that company.”

These are pretty clear, if you receive one of these packages your information might be compromised. Change your passwords, PINs, and check your history.


Aug, 2020 Mail Threat Alert #2: Newtown PA BLM Hoax.

Hoax Extortion Letters Claiming to be from BLM — Newtown, PA

Aug 19, 2020

“Police are investigating after Bucks County business owners received extortion letters that claim to be from Black Lives Matter Philly. The local BLM chapter immediately clarified they had nothing to do with the notes. Received by at least two Newtown, Pa., businesses, the letters threaten violence or arson if proprietors don’t make donations to the activist organization.”

These acts attempted to use the increased fractions in our current society to extort money from local businesses. The downside to threats like these is they have to be believed and those threats need to be seen as credible. The local business leaders, BLM members and essentially all involved immediately contacted the authorities and federal charges can be expected.

Threats like these will appear generic enough to be delivered anonymously but once opened are intentionally camouflaged. The writing and information on the extortion note inside, if the individual intends to avoid quick capture, will be obscured to reduce tracing and most likely appear somewhat random.

In many organization, the front door is protected, but the “back door” is wide open—and that’s where mail enters. As these threats will escalate quickly, the protection of evidence is critical for success.


Aug, 2020 Mail Threat Alert #3: Quebec Canada Post.

Suspicious Package at Canada Post — Quebec, CA

Aug 28, 2020

“The intervention concerned a “suspicious object” found inside a box. This object “could be compared to an explosive device” and the staff did not want to take any risk, explained Étienne Doyon, spokesperson for the Police Department of Quebec City.

The building was evacuated even before the police arrived. “After checking, the object was found to be completely harmless. People were able to return to the Canada Post warehouse and continue their work, ”said Mr. Doyon.”

Canada Post’s incident is a classic example of a false positive. It highlights what happens when everything goes right in your mailroom security infrastructure but you only have one answer.

Generally, a large reaction, a multiple agency response, and fortunately a sigh of relief at the end is a success. Although its the correct answer, some pre-planning and mail security training might reduce the cost of lost time and money.

Sometimes there is no right answer only the less wrong ones and the best answer comes with a cost.


Aug, 2020 Mail Threat Alert #5: Somerset ME Soboxone.

Drugs Mailed to County Jail — Somerset, ME

Aug 12, 2020

“The accused was issued a summons for two counts of class C trafficking in prison contraband. She is alleged to have smuggled the drugs to Servisky in parcels that Somerset County Sheriff’s Office investigators intercepted on June 3 and June 4, police said.

The parcels contained a law firm’s return address, but investigators who telephoned the firm found that it had not sent the correspondence to the inmate, police said.”

Using legal documentation from lawyers, even if falsified, appears on the surface to be an effective method in hiding drugs on their way into a correctional facility. The downside is two-fold and even worse, as all of it is admissible in a court of law.

First, the facility has control of and will handle all of the mail. The crime itself must go into the hands that will without question report everything out of place.

The second problem for success is the lawyers, they tend to pay attention to their paperwork and what is sent.


Aug, 2020 Mail Threat Alert #6: Paris TX Shoes.

Suspicious Package Sends 2 to Hospital — Paris, TX

Aug 24, 2020

“The note was not threatening in any way. It just rambled on about various things,” said Paris Police Public Information Officer Curtis Garrett. Shortly after opening the package, two employees started developing a rash on their skin that made them itch.

The Paris Fire Department says both were decontaminated and treated at the hospital, and were released. Two firefighters also underwent Haz-Mat decontamination at the scene, but weren’t hurt.

Police say they don’t know what caused the rash, but don’t believe the package contained anything life-threatening. Garrett says police will be talking to the man who delivered the package, along with analyzing what was inside.”

This is an interesting issue that unfortunately forces the first responders to execute actions for the worst-case scenario. These events have a very volatile variable in the middle of the equation: human beings.

Regardless of what the situation is, when those affected react, the events that follow are scripted until a negative test result from the lab indicates otherwise.

The threat is identified by the symptoms of those involved and the best option is again a pre-set plan. Events that overwhelm an organization and even first responders, unfortunately, occur regularly.

Working through emergency action plans and procedures are critical to the success of events that can quickly turn to mass casualty scenarios.


Aug, 2020 Mail Threat Alert #4: Louisville KY Fentanyl.

Customs Finds Fentanyl Mailed inside Speaker — Louisville, KY

Aug 27, 2020

“The shipment originated from Mexico and was headed to Bronx, New York. The parcel was manifested as a car horn, but an x-ray revealed something else. Upon examination, a speaker was found and removed for inspection.

A hole was drilled into the side of the speaker and a white powdery substance was seen, which tested positive for fentanyl.”

In COVID times there has been a significant increase of drugs in the mail at multiple levels. Drug dealers are not standing on street corners or down alleys and instead are using alternate means for delivery.

From the cartel with high-end camouflage, down to the street dealer who is just mailing raw material or items such as pills, mail has become a fairly solid medium.

Although not seen as a “normal” threat to the public it is statistically speaking something that is transiting through most official mailrooms.


Aug, 2020 Mail Threat Alert #7: Seabring OH White Powder.

White Powder in Letter Causes Burns — Seabring, OH

Aug 28, 2020

“An inmate at the Stark County Jail mailed the letter to a worker there. That worker was off but another worker opened the letter and found white powder inside. It turned out the substance was bleach. The woman who opened the letter suffered bleach burns. The inmate is now facing a charge of inducing panic.”

Twice in August inmates reached out of their facilities to target individuals. Both times the mail was screened before leaving the penitentiary and allowed into the mailstream by the guards.

This means the mail was legitimate enough looking to pass that inspection but questionable enough to gain the desired effect. In this case, the targeting individual simply took the week off.

Mail from prisons, jails, or detention centers should always be considered suspect and treated as a possible threat. Identifying who sent it, who it is addressed to, and not rushing to open it until that information is understood is a safe tactic in minimizing the threat.


Aug, 2020 Mail Threat Alert #7: Waco, TX IRS Threat.

Suspicious Letter at IRS Office — Waco, TX

Aug 27, 2020

“A Waco Fire Department Hazmat team responded Thursday after what was described as a suspicious letter arrived at the local Internal Revenue Service Office.

The department’s Chemical, Biological, Radiological, Nuclear, and Explosive or CBRNE team was dispatched at around 11:50 a.m. Thursday to the office at 6801 Sanger Ave., just off State Highway 6.

The team tested and then opened the envelope and found no hazardous contents, officials said. Waco police are investigating.”

Government agencies are always high on the annual lists of targets. Facilities like the IRS draw extra attention as they represent often what has caused strife. A CBRNE response most likely means powder or liquid as they are the most valid solution to the problem versus a hazmat team.

Chemical or biological threats in the mail are hard to plan against. Much like when individuals are already showing symptoms of exposure to the item, the best plan is a practiced emergency action plan.

The response following a CBRNE threat is scripted and once started the only thing that will stop it is a negative response from a laboratory.


Aug, 2020 Mail Threat Alert #7: Los Angeles CA Thailand.

Overseas Critics of Thailand Receive Suspicious Packages — Los Angeles, CA

Aug 31, 2020

“A package was then left on my doorstep – a gift bag, with a gift box inside with a message “A something special for you”. Inside were some items that showed I had been followed over the previous days, as well as a printed message that said ‘Greetings from Thailand!’.”

Threats like these are difficult to categorize but happen to a wide array of targets. This one aimed at critics of the Thai government tracked the FedEx package back to Bangkok is an extreme example of intimidation. The message is the threat, and although not physically able to hurt anyone, it will change the attitude or actions of those targeted.

The best option for events like this is to preserve as much as possible for the police. Similar to the extortion letters, this will receive multiple agency support and response. Ensuring these agencies have the cleanest possible piece of evidence is the best shot at stopping the threat.


Concerned about Mail Security?

Download our free ebook: 3 Best Practices of Mail Security.

Every year thousands of people & organizations receive threats through the mail.

Here’s what to do about it.