0 Replies Latest reply on Aug 27, 2008 6:19 PM by HarryWaldron

    Fake FedEx email contains bank password stealer

      Fake FedEx email contains bank password stealer

      The new FedEx attacks have been adapted from the prior UPS attacks. Any email especially noting account or billing issues should be verified in a safe manner, e.g., telephone call. Please be careful with all email as these messages appear to be almost geniune.

      http://blog.trendmicro.com/bogus-fedex-notifications-new-malware-courier-of-choi ce/

      QUOTE: Remember the UPS spam runs that were popular last month? Spammers have chosen a different courier this time, but the message was basically the same

      Posing as FedEx notifications, these email messages have the same format as their earlier UPS counterparts: tracking number (perhaps to make the message appear authentic), message body informing recipients that there was a problem with the delivery of a package, and a message urging the recipient to print the attached “invoice” to claim the “package”.

      Even the attachment is of the same file type as those seen in the previous spam runs. The .ZIP file is an info stealer detected by Trend Micro as TSPY_ZBOT.MCS. ZBOT spyware are infamous keyloggers that are known to steal confidential information, such as those related to online banking credentials.