The risk of malware arriving on newly purchased computer equipment is very real. However, I believe you have much more reason to fear the original manufacturing practices than what goes on during shipment.
Consider that covertly intercepting, opening and resealing equipment is a high costs, high risks endeavour. It is also highly illegal. Assuming you live in the United States, federal statute 18 USC Section 1702 makes it illegal to knowingly open a correspondence addressed to someone else. While there is an exception for opening mail by mistake, I think the acts your fear would be very hard to argue away as a mistake (but IANAL).
However, there are countless examples of malware being factory-installed. Most recently, Dell shipped computers with a pre-installed self-signed root certificate, together with its unencrypted private key. This breaks all PKI for all recent Dell customers:
http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/
This was done only a few weeks after Lenovo was caught doing the same thing. And there are countless other examples. Here's another: http://www.zdnet.com/article/malware-found-on-new-hard-drives/
The Taipei Times is reporting that around 1,800 new 300GB and 500GB
external hard drives manufactured by Maxtor shipped with malware on
them. What makes this story even more interesting is that Taiwanese
authorities suspected that Chinese authorities were involved.
In these cases, tampering would not be obvious. The drives would arrive factory sealed! Moreover, these are exactly the types of issues that can be (and indeed already are) argued away as mistakes. Plausible deniability and all that. If I was a surveillance-happy Government, this is how I would approach the problem (but, I'm not that paranoid).
In short, if you are worried (and you clearly are), perhaps use a Linux machine (perhaps booted from a live DVD) to deeply format your drive before using it. Hey, maybe this would make a fun Raspberry PI project.