{"id":1634,"date":"2019-04-06T19:33:44","date_gmt":"2019-04-06T19:33:44","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=1634"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"FedEx-Incorrect-Delivery-Address-Malware-Email","status":"publish","type":"post","link":"https:\/\/www.syyhoaxanalyzer.com\/?p=1634","title":{"rendered":"FedEx Incorrect Delivery Address Malware Email"},"content":{"rendered":"<div>\n<h3 class=\"noMargin\">Outline<\/h3>\n<p>Emails purporting to be from delivery company FedEx claims that a package en route to the recipient has been returned due to an addressing error and that he or she must open an attached file or follow a link to print a mailing label in order to receive the package. \u00a0 <\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div class=\"IphoneAds\"><\/div>\n<h3 class=\"noMargin\">Brief Analysis<\/h3>\n<p>The emails are not from FedEx. The claim that a package has been returned is a lie designed to trick recipients into opening the attached file or following a link. The attachment contains malware. Links in the messages open compromised websites that also contain malware.<\/p>\n<h3 class=\"noMargin\">Example<\/h3>\n<div class=\"example\">\n<p><strong>Subject: Number (C)BCD71 911 230 0817 4270<\/strong><\/p>\n<p>Fed Ex<\/p>\n<p>Order: SGH-9226-99950127<br \/>\nOrder Date: Thursday, 17 January 2013, 11:10 AM<br \/>\nDear Customer,Your parcel has arrived at the post office at January 18.Our courier was unable to deliver the parcel to you.<\/p>\n<p>To receive your parcel, please, go to the nearest office and show this receipt.<\/p>\n<p>GET &amp; PRINT RECEIPT<\/p>\n<p>Best Regards, The FedEx Team.<\/p>\n<p><a href=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13.jpg\" data-rel=\"penci-gallery-image-content\" ><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"19278\" data-permalink=\"https:\/\/www.hoax-slayer.net\/fedex-incorrect-delivery-address-malware-email\/fed-ex-jan-13\/\" data-orig-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13.jpg\" data-orig-size=\"499,397\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"fed-ex-jan-13\" data-image-description=\"\" data-medium-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13-300x239.jpg\" data-large-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13.jpg\" class=\"aligncenter size-full wp-image-19278\" src=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13.jpg\" alt=\"FedEx Parcel Delivery Malware Email\" width=\"499\" height=\"397\" srcset=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13.jpg 499w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/fed-ex-jan-13-300x239.jpg 300w\" sizes=\"(max-width: 499px) 100vw, 499px\" \/><\/a><\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<div class=\"example\">\n<p><b>Subject: Print your postal label<\/b><\/p>\n<p>Notification,<\/p>\n<p>Our company&#8217;s courier couldn&#8217;t make the delivery of parcel.<br \/>\nStatus:Wrong postal code.<\/p>\n<p>LOCATION:Tallahassee<br \/>\nPARCEL STATUS: sort order<br \/>\nSERVICE: Local Pickup<br \/>\nNUMBER OF YOUR PARCEL:U138674639NU<br \/>\nINSURANCE: Yes<\/p>\n<p>Label is enclosed to the letter.<br \/>\nPrint a label and show it at your post office.<\/p>\n<p>Important information!<br \/>\nIf the parcel isn&#8217;t received within 30 working days our company will have the right to claim compensation from you for it&#8217;s keeping in the amount of $12.76 for each day of keeping.<\/p>\n<p>You can find the information about the procedure and conditions of parcels keeping in the nearest office.<\/p>\n<p>Thank you.<br \/>\nFedEx Global.<\/p>\n<p><i>Attachment named &#8220;FedEx_Label_ID_Order.zip&#8221; removed<\/i><\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<div class=\"example\">\n<p><b>Subject: FedEx Invoice copy No60359<\/b><\/p>\n<p>Your package has been returned to the FedEx office.<br \/>\nThe reason of the return is &#8211; Incorrect delivery address of the package.<\/p>\n<p>Attached to the letter mailing label contains the details of the package delivery.<br \/>\nYou have to print mailing label, and come in the FedEx office in order to receive the packages.<\/p>\n<p>Thank you.<br \/>\nFedEx Express Services.<\/p>\n<p>Attached File:<br \/>\nFedEx_mailing_label_ID.S2950.zip<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<h3>Detailed Analysis<\/h3>\n<p>According to these emails, which claim to be from delivery company FedEx, a package en route to the recipient has been returned to the FedEx office due to an error in the package&#8217;s delivery address. The emails instruct the recipient to open an attached file which supposedly contains a mailing label that must be printed out and taken to a FedEx office to allow correct delivery of the package. Some versions claim recipients must click a link and go to a website to print off their shipping receipt. \u00a0<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-format=\"fluid\"\n     data-ad-layout=\"in-article\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"9162856233\"><\/ins><br \/>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p> However, the emails are not from FedEx and the claim that a package has been returned is a lie designed to fool the recipient into opening attached files or clicking links. The attachments do not contain a mailing label. Instead, they contain a malicious .exe file, usually hidden inside a seemingly innocuous .zip file, that can install malware on the user&#8217;s computer. Alternatively, links in the messages may open compromised websites that harbour the malware. Typically, this \u00a0malware \u00a0can modify the registry on the infected computer, connect to remote servers and download and install additional malware. The wording of the malware emails may vary, although all make reference to a package that could not be delivered.<\/p>\n<p>FedEx has published a warning about this threat on its website, \u00a0<a href=\"https:\/\/web.archive.org\/web\/20130304094016\/http:\/\/www.fedex.com\/bs\/fraud\/virusalert.html\">noting<\/a>:<\/p>\n<blockquote>\n<p><i>Be alert for fraudulent e-mails claiming to be from FedEx regarding a package that could not be delivered. These e-mails ask the receiver to open an attachment in order to obtain the airbill or invoice for picking up the package. The attachment contained in this type of e-mail activates a virus. DO NOT OPEN the attachment. Instead, delete the e-mail immediately.<\/i><\/p>\n<p>These fraudulent e-mails are the unauthorized actions of third parties not associated with FedEx. When FedEx sends e-mails with tracking updates for undeliverable packages, we do not include attachments.<\/p>\n<\/blockquote>\n<p>The tactic is not new and has been used almost continually by malware distributors since at least 2008. Other long-running \u00a0<a class=\"norm\" title=\"Not Able to Deliver UPS Package Malware Email\" href=\"http:\/\/www.hoax-slayer.com\/ups-malware.shtml\">versions of the malware emails<\/a> \u00a0claim to be from United Parcel Service (UPS) rather than FedEx.<\/p>\n<p>Users should be wary of any emails that claim that delivery of a package by FedEx or UPS has failed or been delayed. Do not open any attachments that arrive with such emails as they are likely to contain trojans or other malware. Do not click any links in such emails as they may lead to malicious websites that also contain malware.<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- Third Content Ad Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1909104632\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div align=\"center\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"1358951439\" data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/fedex-incorrect-delivery-address-malware-email\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/fedex-incorrect-delivery-address-malware-email\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Outline Emails purporting to be from delivery company FedEx claims that a package en route to the recipient has been returned due to an addressing error and that he or she must open an attached file or follow a link to print a mailing label in order to receive the package. \u00a0 Brief Analysis The [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1634","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/1634"}],"collection":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1634"}],"version-history":[{"count":0,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/1634\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}