Please note that when I speak of “mail flow” I am referring to letters and packages received through the US. uu. postal service, express carriers like ups and fedex, as well as regional and local carriers: the fundamentals of mailroom security.
Staff should be familiar with the types of credible email threats they may see, as well as the types of scams that are common.
once they are familiar with what to look for, the appropriate answers for the different types should be addressed.
hoaxes are intended to pose real threats and are intended to threaten, scare, intimidate, disrupt and cause general inconvenience to individuals, organizations and society at large.
Because of the potential risk associated with credible threats, hoaxes generally require the same response from first responders up to the point where they are deemed non-credible.
As such, the effects of a hoax are often similar to a real threat.
threatening letters
The most basic type of deception is the threat letter. Threatening letters are just that: they contain written threats in the communication within the envelope or on the envelope itself. the statement can be a few words or it can be more detailed in nature.
Although threatening letters are usually harmless, they can be a precursor to something more serious. suspects may escalate their tactics if they don’t get the answer they wanted.
white powder letters
Deceptions take many different forms and one of the most common and familiar is the white powder card. Since the 2001 anthrax attacks, white powder letters have been commonly used as a means of harassing and intimidating.
Usually containing a non-threatening substance like flour, cornstarch, or baking powder, white powder letters are easy to create and can cause a lot of disruption.
In 2014, Hong Ming Truong of Rowlett, TX was arrested by US Postal Inspectors and FBI agents for mailing more than 500 false letters over 5 years.
the letters contained threatening verbiage and most, but not all, of the letters contained a non-hazardous white powder.
the cost of the emergency response by first responders exceeded $2.8 million. note that this figure does not include financial losses from businesses, schools, and government offices.
I can say from first-hand experience personally responding to several of these incidents, the amount of disruption and concern it created was enormous.
truong was sentenced to serve 60 months in federal prison in December 2015.
fake devices
Dummy devices are explosive devices that are missing one or more components that prevent them from working.
The intent of these devices is to threaten, scare, and intimidate, and often the suspect wants the intended target to know that a working device could have been shipped.
there is more intent behind these emails compared to the other types of scams and they should be taken as such.
A thorough screening process with comprehensive x-ray imaging and interpretation is critical to identifying these types of devices early in the process.
Compare these hoaxes to the warship: it’s not a hoax, but it’s not intended to cause immediate physical harm, either.
cbrne threats: chemical, biological, radiological, nuclear, explosive
cbrne threats move up the chain in severity, disruptive nature, and response. Fortunately, these types of threats are rare; however, the consequences could be serious in nature. it is important to know what the different types are and how they can present themselves in the mail flow.
Once the familiarization process is complete, you can make better assessments on the policy, procedure, and equipment needed to help you deal with these types of risks.
chemical
Chemical agents or chemical weapons via the mail stream are rarer than other types of threats. This is usually due to the complexity of acquiring the agents and putting them together in a mailable form. When we talk about chemical threats in a categorical sense, they are generally divided into the following:
- irritants
- commercial (industrial) chemicals
- blood agents
- nerve agents
- blister agents
- pulmonary agents
If you’re looking at these types of threats, your capabilities should cover vapors, liquids, and solids.
biological
Biological threats made their grand entrance into the public eye due to the 2001 anthrax attacks, which killed 5 people and sickened many more.
The importance and public nature of this case created a sense of paranoia throughout the United States. it also resulted in the use of white powder letters as a method of intimidation and harassment.
As a result of these shipments, numerous facilities, buildings, complexes and postal facilities had to undergo decontamination processes costing hundreds of millions of dollars.
Anthrax shipments in 2001 were followed by several attempts to mail ricin in 2003.
one of the letters was discovered at a mail processing center in south carolina and an additional letter containing ricin addressed to the white house was discovered at its mail processing center.
In 2004, a white powdery substance was found in a sorting machine at the Dirksen Senate Office Building, which later tested positive for ricin.
this incident forced the decontamination of employees and caused the closure of several government buildings. The availability and dangerous nature of ricin make it a greater potential threat than many other biologics.
These are high-profile incidents and as such have attracted much public attention. however, there are threats other than anthrax and ricin, which are possibilities.
Tularemia (rabbit fever), smallpox, and plague also fall under the purview of mail-order biologicals. However small the risks, familiarity and basic knowledge of these types of threats is important.
radiological & nuclear
When most people think of radiological or nuclear threats, they think of dirty bombs, which simply deliver radiation via an explosive device. the odds are in our favor regarding this type of device being mailed.
Although this type of device may not cause a large number of deaths, the amount of collateral damage would be significant. panic, paranoia, evacuations, cleanup efforts, etc. would be quite a task.
Fortunately, these types of materials are extremely difficult to obtain, but not impossible. Although a little dated, in 2008 the British Environment Agency and MI5 began tracking down and destroying unused hospital devices that contained radioactive material.
At the time of reporting, 9 devices were missing and were lost or stolen. the devices only contained a small amount of radiation, but enough to be used in a weapon.
Experts have noted that such materials are too abundant to count accurately, but roughly estimate that they are contained in more than 70,000 devices, located in at least 13,000 buildings worldwide, in many cases without security measures specials.
The odds of this type of device are extremely low but possible. A comprehensive risk assessment will determine your organization’s level of risk and identify what detection measures you may need to employ.
explosive
an explosive device sent through the mail is much more likely and there has been a history of these devices passing through the mail stream over the years.
These incidents have occurred all over the world and include everything from letters to larger packages.
In late 2018, Cesar Sayoc, Jr. sent 16 explosive packages (pipe bombs) across the United States. mail flow to various prominent government officials and news agencies.
all devices were designated ied (improvised explosive devices), but had missing components or incomplete firing trains. sayoc admitted to sending the devices as a means of threatening or intimidating.
The suspect pleaded guilty and will be sentenced in late 2019.
Pipe pumps are a common favorite because they are easy to build, but most are very crude in nature and sloppy in design.
unabomber is one of the most well-known criminals using pipe bombs, which were quite advanced compared to most. used a combination of planted devices and mailed devices, which ended up killing 3 people and injuring 23 more.
however, more sophisticated devices have been used in the past. The 2010 transatlantic airliner bomb plot consisted of two separate packages sent via fedex and ups and originated in yemen.
These sophisticated devices used toner cartridges to hide the highly explosive petn (pentaerythritol tetranitrate) and used a cell phone alarm to activate the devices.
They were constructed in a way that makes them difficult to detect on x-ray examination.
Package bombs can be made from a wide variety of explosive material with varying degrees of lethality and complexity. Despite the complicated nature of some of these devices, there are screening and screening methods that can be used to reduce risk.
Mailed devices are generally designed to boot when opened, which allows more leeway than collocated devices in terms of detection. however, early identification is needed to initiate a rapid and appropriate response.
Regardless of the size of your business or organization, you need to conduct a comprehensive mail security and control assessment. there are many factors that contribute to the level of risk and vulnerability of an organization.
once these are determined, appropriate policies and procedures can be put in place to help mitigate the most common threats.