Hoax Email: FedEx Delivery Receipt

Security Internet @ lockThere is a hoax spam email being sent that pretends to be from FedEx. It’s pretends to be a delivery notice about missing a delivery attempt. It is the delivery mechanism for an information-stealing Trojan called Smoaler, and contains a link to a malicious Internet website that will infect your computer with malware.

SC Magazine.com recently reported that Symantec has noticed “a rise in the spread of Smoaler, an information-stealing trojan first detected in 2011.”

Preying on FedEx’s policy of returning some parcels to their office if the intended recipient isn’t there to sign for them, the “emails read, “Dear Customer, your parcel has arrived at the post office… Our courier was unable to deliver the parcel to you. The recipient is then directed to go to their nearest FedEx location to claim their package, after following a link to print their receipt. Instead, victims that follow the link download a zip file, called “PostalReceipt.zip,” which contains the malicious executable. Symantec can confirm that the spam was sent at least three days last week – on Monday, Friday and Saturday, Imano said. ”

As usual, the cyber criminals behind this scam have used a natural human reaction to promote an impulsive click on a malicious link. In this case, the fact that they weren’t expecting a delivery raises their curiosity and anticipation that someone has sent them a gift.

You can avoid being infected by malware of this sort by not clicking on the link. My rule is to never, never click on a link in an email I didn’t expect, at least not before checking it out with the sender. Always take a deep breath, suspect that the email and link are dangerous from the beginning, and then set out to prove it isn’t. Trust your instincts; if you have a bad feeling about the email, follow that feeling and be suspicious of it.

You can check the email’s validity by looking at the sender’s email address…it may not be a FedEx address. You can also call your local FedEx office and ask if they sent you such an email. Sure, these steps will take some time, but it’s time well spent to avoid being infected with dangerous malware.

Reference: SC Magazine article

Be very careful…it’s dangerous out there.

Please comment on this article; we all learn from each other when our views and opinions are shared.

I hope you enjoyed this article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.

Remember, personal computing is a blast…keep it productive and enjoyable.

Best regards,



I’m also on Twitter, @PaulsInternet.

Images courtesy of FreeDigitalPhotos.net and FreeByte.com


Leave a comment

Filed under Cybercrime, Internet, Internet Security, malware, Warning

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s