What Does this Fedex Email Scam Say?

boxAccording to these emails, which claim to be from delivery company FedEx, a package en route to the recipient has been returned to the FedEx office due to an error in the package’s delivery address. The emails instruct the recipient to open an attached file which supposedly contains a mailing label that must be printed out and taken to a FedEx office to allow correct delivery of the package. Some versions claim recipients must click a link and go to a website to print off their shipping receipt. Below is an example of what this Fedex Email Scam looks like.


From: Logistics Services

Dear Client,

Your parcel has arrived at June 16. Courier was unable to deliver the parcel to you.

To receive your parcel, print this label and go to the nearest office.

Print Shipment Label

How does the Scam Work?

Hofedex-spamwever, the emails are not from FedEx and  is a Fedex Email Scam. The claim that a package has been returned is a lie designed to fool the recipient into opening attached files or clicking links. The attachments do not contain a mailing label. Instead, they contain a malicious .exe file, usually hidden inside a seemingly innocuous .zip file, that can install malware on the user’s computer. Alternatively, links in the messages may open compromised websites that harbour the malware. Typically, this malware can modify the registry on the infected computer, connect to remote servers and download and install additional malware. Wording of the malware emails may vary, although all make reference to a package that could not be delivered.
FedEx has published a warning about this threat on its website, noting:

Be alert for fraudulent e-mails claiming to be from FedEx regarding a package that could not be delivered. These e-mails ask the receiver to open an attachment in order to obtain the airbill or invoice for picking up the package. The attachment contained in this type of e-mail activates a virus. DO NOT OPEN the attachment. Instead, delete the e-mail immediately.

These fraudulent e-mails are the unauthorized actions of third parties not associated with FedEx. When FedEx sends e-mails with tracking updates for undeliverable packages, we do not include attachments.

The tactic is not new, and has been used almost continually by malware distributors since at least 2008. Other long running versions of the malware emails claim to be from United Parcel Service (UPS) rather than FedEx.

anti_virus_old_schoolHow can I Know if it’s a Scam or Real?

Users should be wary of any emails that claim that delivery of a package by FedEx or UPS has failed or been delayed. Do not open any attachments that arrive with such emails as they are likely to contain trojans or other malware. Do not click any links in such emails as they may lead to malicious websites that also contain malware.

If you Click on it please Read the Article on how to remove a virus.

Did you get this e-mail or click on it let us know in the comments!