FedEx Delivery Notification. (Confirmation) pretending to come from FedEx Courier Delivery <FedExdelivery@FedEx.com> is a phishing scam
When I first saw these emails start to come in, I thought it was a follow 0n to the current malware spreading campaign Fedex Unable to deliver your item, #00486182 malware but no, it is a pure and simple phishing scam trying to get you to voluntarily give your details. It is most likely a 419 scam which will ask for a fee to expedite the delivery. Just look at all the spelling and grammar mistakes in the email, but of course most victims just don’t read emails closely, just blindly follow instructions and do what is asked without thinking
Email looks like :
YOUR URGENT ATTENTION
This is to request your immediate confirmation of your package which was due for delivery since Friday the 28th of November 2014 but is being held here by Customs and Control as it contains Check/Card.
You are hereby required to reconfirm the following details for immediate clearance and delivery of your Package which contains some payments and other highly classified personal effects:
1: Your Contact Address
2: Telephone Number
Upon the above confirmation we shal proceed with the clearance of your package with and delivery within the next 24 hours.
Fedex Special Delivery
NB; Please DO NOT reply or send your delivery information to (FedExdelivery@FedEx.com). You are advised to email them directly to me at (firstname.lastname@example.org) so I can personally ensure that this Highly Classified Package is delivered to you as scheduled and not sent to wrong person/address or confiscatd by the authorties.
Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware. All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email or click the link in the email . Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Or whether it is a straight forward attempt, like this one, to steal your personal, bank, credit card or email and social networking log in details. Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened