News Categories

Symantec Warns of Fake FEDEX Emails Containing Malware

By Lionell Go Macahilig & Joy Hou - on 4 Feb 2013, 1:36pm

Symantec Warns of Fake FEDEX Emails Containing Malware

Symantec Security Response has discovered that fake FedEx emails have been circulating. In these emails, users are asked to click on a link to print out a receipt in order to retrieve their parcel in person from the nearest FedEx office. Unsuspecting users who click on the link will be greeted by a file containing a malicious executable file named "PostalReceipt.exe". A malware, "Trojan.Smoaler", will then be delivered to their computer.

All the bogus FedEx emails delivering this malware are almost identical, save for order numbers and the website the zip file is hosted on. An oversight on the part of the malware author (or one sign of laziness), is the use of the same Order Date. However, the author does change the domain where Trojan.Smoaler is hosted daily.

Example of a FedEx email (Image source: Symantec)

FedEx has posted a warning on its website along with further information about online security. As always, Symantec recommends users to keep their antivirus up to date and avoid clicking on links in emails received from unknown senders. If a suspicious email originates from an organization that you do not have any personal business dealings with, it should be assumed that these emails are potentially malicious and should not be opened.

Source: Symantec