Our last copy of FedEx spam arrived back in early December, and it doesn’t look like much has changed since. The sender’s address is still some random email (not a fake fedex.com address), the subject line is still a random tracking number, and the goal is still to infect your computer with Win32/TrojanDownloader.Zortob.B.
Here’s the email (the previous version can be seen here):
From: Shipping Service (email@example.com)
Subject: Tracking ID (387)91-387-387-9611-9611
Order Date: Thursday, 3 January 2013, 11:23 AM
Your parcel has arrived at the post office at January 6.Our courier was unable to deliver the parcel to you.
To receive your parcel, please, go to the nearest office and show this receipt.
GET & PRINT RECEIPT
Best Regards, The FedEx Team.
For those of you who are curious (or possibly new to this FedEx spam thing), when you click the ‘Get & Print Receipt’ link, you will be taken to a third-party site that will download the file Postal-Receipt.zip onto your PC. Hopefully you will not make the mistake of opening this file as it contains the aforementioned Zortob.B Trojan.
What to Do With FedEx Spam
If you receive an email like the one above, it is strongly recommended that you:
- Do not click on any links or open any attached files.
- Report the email to FedEx by forwarding it to firstname.lastname@example.org.
- Delete the email immediately.