This morning, I got a suspicious email into my Junk E-mail folder, which I would normally ignore. This time, however, it got my attention because we were indeed expecting a package delivery. Even though we already knew the package carrier is not Fedex, what if it changed the carrier? But again, it looks to me like a typical scam email because our package carrier is not supposed know my email address. The suspicious email has an attached payload zip file. The email says in not-so-perfect English:
Dear Customer,
The delivery service couldn’t deliver your package.
The package weight exceeds the allowable free-delivery limit.You have to receive your packagen personally.
Print out the “Invoice Copy” attached and collect the package at our office.Please read carefully the attached information before receiving your package.
Thank you for attention. FedEx Global.
The attached payload file name was: “FedEx_Invoice_Copy_N44-134.zip“
The zip file was only 3 byte long.. What’s going on here? If the zip file ever gets clicked (opened), 100% virus-generating code would infect the running PC.
The email forensic reveals that it has originated from www-data <www-data@mail.ecom.hu>. Googling reveals it is not even a legit domain name, in other words this email contains 100% lie. What kind of world are we living in these days?
I am not expecting a package but I just received an email from “FedEX Express” with a subject line that reads “Track your parcel” and the email reads:
“FedEx notice,
The delivery service couldn’t deliver your package.
The package weight exceeds the allowable free-delivery limit.
You have to receive your packagen personally.
Print out the “Invoice Copy” attached and collect the package at our office.
Please read carefully the attached information before receiving your package.
Thank you. FedEx Services.”
It has an attachment “FedEx_Invoice_Copy_N44-134.zip” that is 51KB which I almost opened but I am sure it contains something that means harm so I thank you for your posting which confirms it is not legitimate.
I plan to notify the shipping company, Federal Express, to inform them of this so they can warn the public.
Got this message in my inbox, (so obvious its not legit) and has an attachment to it called FedEx_Invoice_Copy_N44-134.zip
DO NOT Open this file. Looking inside the .zip its got FedEx_Invoice_Copy_N44-134.exe which is a virus, do not open this file.
The message body was:
Dear Customer,
The delivery service couldn’t deliver your package.
The package weight exceeds the allowable free-delivery limit.
You have to receive your packagen personally.
Print out the “Invoice Copy” attached and collect the package at our office.
Please read carefully the attached information before receiving your package.
Thank you for attention. FedEx Logistics.
I didn’t even bother to look into the zip file myself, but kind of curious what it would do if executed..
In a slightly tired state- and also expecting a package- I foolishly opened this file. More than once. It was only when I stopped being so stupid that I actually thought about it…
However, it does not appear to have done anything yet, though this is making me nervous.
Ran a simple scan on the system which has not revealed anything- probably going to do a more detailed scan now.
smart fortress 2012 security virus! Avoid!