If you receive an email that looks like it's from a trusted vendor asking you to confirm an order, or a package shipment message that looks like it's from UPS, USPS or FedEx, resist the urge to click any of its links. Even if the email contains a logo that looks official to you, it might be a copy or a screenshot of a company's logo taken from their webpage; it's easy to make an unauthorized copy of any logo.
Pete Hodge says, "The holidays are a big opportunity for scammers and spammers that want to infect our computers with malware. You will be seeing more than the usual amount of fake confirmation emails telling you your package has shipped, or it's ready for pickup, all from a familiar company or retailer. NEVER TRUST ONE OF THESE EMAILS. If you click on the link in the email your computer will be infected with software designed to collect your personal information, or infiltrate our network."
If you have any doubts about the authenticity of any email message, please check with Pete Hodge before you click on anything in the message.
Remember: Pete sez,
It's best to assume anything like this is a trick.
Paranoia is your friend this holiday season!
Pete recommends reading Be Wary of ‘Order Confirmation’ Emails for details. See also UPS' Spam and Phishing E-mails Fraudulently Using the UPS Name or Brand and Examples of Fraudulent Emails, and try this interactive image to identify a phishing attempt.