Groups

    FedEx email scam

    Basically it’s a new email scam, they pretend to have tried to deliver a parcel and ask you to download a zip file with the parcel info which looks like it hold’s a word document, when you open it, it will infect your computer

    See the info below



    Fake delivery notification gets confused, has nice lie down Chris Boyd on December 5, 2012 Looks like some scammers had a bit of a mix-up while counting out their cash on a gold plated yacht.



    Click to Enlarge

    Here’s the contents of the mail. The text in bold is a not-very-subtle clue:

    “The UPS Office“:

    Order: SD-5468-482485468
    Order Date: Monday, 2 December 2012, 11:23 AM
    Dear Customer,
    Your parcel has arrived at the post office at December 4.Our postrider was unable to deliver the parcel to you.
    To receive a parcel, please, go to the nearest our office and show this postal receipt.Order: SD-5468-482485468
    Order Date: Monday, 2 December 2012, 11:23 AM
    Dear Customer,
    Your parcel has arrived at the post office at December 4.Our postrider was unable to deliver the parcel to you.
    To receive a parcel, please, go to the nearest our office and show this postal receipt.

    Best regards,
    The FedEx Team

    Whoops.

    You’ll be happy to know that some web browsers are onto this slice of trickery. Attempting to download the offered file with Chrome (for example) pops the following warning message:



    So that’s good. If you still end up with the file on your PC – maybe your browser doesn’t catch it, or maybe you just really want some Malware for Christmas – the “postal receipt” will appear to be a Word document lurking inside a zip file.

    It isn’t a word document:



    Opening the “Word document” (which is actually just an executable file in disguise) will infect your PC with a little something we detect as Trojan.Win32.Generic.pak!cobra. Before you know it, your Trojan chum will delete the original file, create hidden files and make network connections…generally not typical behaviour where a postal receipt is concerned (unless you live in the Eighth Circle of Hell).

    These infection files have been linked to Ransomware, in this case something called “Wheelsof” and you may well find yourself locked out of your PC if unfortunate enough to fall for this one. A lot of these fake delivery notices are pretty convincing, but hopefully the peculiar mashup of FedEx and UPS is the kind of tip-off that’s up there with Pippin lighting the Warning Beacons of Gondor.

    25 Comments

    Banned

    If anyone is silly enough to open a shipping confirmation from a zip file then tough.

    Yet another scam that has been doing the rounds for years As is said on every thread about these things DO NOT OPEN ANY ATTACHED DOCUMENTS TO EMAILS from people you are not expecting them from.

    Email scam, yes.

    New email scam, no.

    This has been around for a while, but it's mostly targeted at corporate email accounts so it mostly never makes it to the inbox

    Dear Customer ?

    Why would you're parents give you a name like that ?

    is this same 1 from last year that there hack ur computer and bank detail
    there was a warning about this on facebook 2 day ago

    Thanks for sharing.

    Ransomware can easily lock you out of your computer totally (as happened to my sons PC).

    Luckily we had a "spare" Windows user on that computer and I was able to still logon and run security software to get rid of it.

    It is a good idea to set up a spare Windows account on every Windows computer, just in case you get locked out of one of them by this ransomware.
    Edited by: "guilbert53" 6th Dec 2012

    Original Poster

    dbhoy

    If anyone is silly enough to open a shipping confirmation from a zip file … If anyone is silly enough to open a shipping confirmation from a zip file then tough.

    At this time of year, people are waiting for parcels to be delivered, maybe worrying that they missed them while at work and let their defences drop, its not a bad thing to bring this to the attention of people

    I've just had this one ;-)
    FedExOrder: VGH-0988-5214830362
    Order Date: Friday, 14 December 2012, 01:21 PM
    Dear Customer,
    Your parcel has arrived at the post office at December 20.
    Our courier was unable to deliver the parcel to you.To receive a parcel, p *+++ lease, go to the nearest our office and show this receipt.   
      DOWNLOAD POSTAL RECEIPT
    Best Regards, The FedEx Team.©

    Mmm to receive "a" parcel and "p*+++ lease"
    FedEx 1995-2012

    Can anyone help with this one? I opened the damned thing because I was actually expecting an OS package. My antivirus prevented it downloading, but now a screen to download Defender 7 dominates my computer and won't let me access anything else. I'm technically illiterate so don't know if this is part of the bug or a genuine requirement of the inbuilt antivurus that came installed when I purchased the computer. HELP!!!!!!

    Original Poster

    monicathomas33886

    Can anyone help with this one? I opened the damned thing because I was … Can anyone help with this one? I opened the damned thing because I was actually expecting an OS package. My antivirus prevented it downloading, but now a screen to download Defender 7 dominates my computer and won't let me access anything else. I'm technically illiterate so don't know if this is part of the bug or a genuine requirement of the inbuilt antivurus that came installed when I purchased the computer. HELP!!!!!!


    Try booting in safe mode (press F8 rapidly when turning on, if it gets to the widows logo you missed it) select safe mode. then go to start / all programs / accessories /tools /system restore/ and restore to a date it worked well, I usually go back a few weeks depending on what I have installed, if you haven’t installed anything go back as far as it will let you.
    Also Try a malware program malwarebytes is good

    The contents of my scam mail:

    Order: MNR-8062-1376268269
    Order Date: Tuesday, 3 December 2012, 03:44 PM
    Dear Customer,

    Your parcel has arrived at the post office at December 18.Our courier was unable to deliver the parcel to you.

    To receive a parcel, please, go to the nearest our office and show this receipt.



    DOWNLOAD POSTAL RECEIPT


    Best Regards, The FedEx Team.

    anony1231

    The contents of my scam mail:Order: MNR-8062-1376268269 Order Date: … The contents of my scam mail:Order: MNR-8062-1376268269 Order Date: Tuesday, 3 December 2012, 03:44 PM Dear Customer,Your parcel has arrived at the post office at December 18.Our courier was unable to deliver the parcel to you.To receive a parcel, please, go to the nearest our office and show this receipt. DOWNLOAD POSTAL RECEIPTBest Regards, The FedEx Team.



    Surely anybody can see the grammatical mistake/s in this line and question it's legitimacy.

    Still yet to get infected

    anony1231

    The contents of my scam mail:Order: MNR-8062-1376268269 Order Date: … The contents of my scam mail:Order: MNR-8062-1376268269 Order Date: Tuesday, 3 December 2012, 03:44 PM Dear Customer,Your parcel has arrived at the post office at December 18.Our courier was unable to deliver the parcel to you.To receive a parcel, please, go to the nearest our office and show this receipt. DOWNLOAD POSTAL RECEIPTBest Regards, The FedEx Team.



    had the same,could tell straight away it wasn't legit from the mistakes

    'go to the nearest our office and show this receipt.' alarm bells !

    for starters fedex in the uk do not email customers telling them we couldnt deliver a parcel. we actually attempt a delivery and post a card through the door. thats the only way.
    secondly the tracking numbers they use are wrong . its 11 numbers . With an international delivery there is also a 16 digit tracking number. no letters are used.
    thirdly the logo on these emails is wrong. fedex is slightly more squashed together . fed and ex are not seperated.

    scam emails? whats are they?

    brilly

    scam emails? whats are they?



    They're a myth brilly, nothing to worry about. What's your email address btw? I know a nigerian prince who's holding $2,000,000,000,000,000 in your name, and he wants to get in touch. Drop me a PM.

    miikeyblue

    They're a myth brilly, nothing to worry about. What's your email address … They're a myth brilly, nothing to worry about. What's your email address btw? I know a nigerian prince who's holding $2,000,000,000,000,000 in your name, and he wants to get in touch. Drop me a PM.


    ah its np - hes already contacted me.
    sent him my details and the funds seeing as the money was all in diamonds - should be with me shortly.

    yeah, got a few these some time ago.
    not new scam though as someone said earlier.

    I've Just received a similar email, and as I was expecting a delivery from Fedex, needed to check out the authenticity.

    Fortunately I never opened it just deleted it straight away.

    The signs were there that it was a scam.

    I never open an attachment unless I can be sure of the provenance

    Be warned though, it can happen to anyone.

    Always be wary.

    just received a scam mail , still going around

    thanks for the heads up!

    oO

    Just received an email with the "Fed Ex" logo at the top but from christopher_george79@posture101.com (???)

    It just says:

    Our courier couldnt make the delivery of parcel to you at 27th … Our courier couldnt make the delivery of parcel to you at 27th August.Print Label and show it in the nearest post office.



    It wants you to click on 'print label'... Email deleted.
    Post a comment
    Avatar
    @
      Text
      Top Discussions
      1. ❅☁☁❅ I want☼to talk☼about the☔WEATHER☔no politics☃no religion❅☁☁❅18846235
      2. Report online material promoting terrorism or extremism1221
      3. Just heard this...2 ★★★★★★★★★★★★★★ congrats to all on 392k ★★★★★★★★★★★★★★7764376
      4. How dangerous is Donald trump?32180

      See more discussions