© Depositphotos.com/ maxkabakov
From: FedEx UK
Subject: Package for you
Dear [email address removed]
We have a package for you!
Unfortunately some important information is missing to complete the delivery.
Please follow the link to verify your identity:
verify your identity now!
You have 24 hours to compleate the verification! Otherwise the package will be returned to sender!
Order confirmation number: 56749951703
Order date: 03/12/2013
Thank you for choosing FedEx.
However, the email is not from FedEx. In fact, it is just one incarnation in a long line of fake "delayed package delivery" emails designed to trick people into installing malware on their computers.
Those who fall for the ruse and click the link will be taken to a bogus website tricked up to resemble a genuine FedEx webpage. Once on the page, they will be instructed to download and install a piece of software called the "FedEx Verification Manager", as shown in the following screenshot:
However, following the instructions will not install a verification manager as claimed. Instead, it will install a trojan on the victim's computer. Typically, such trojans can harvest sensitive information from the compromised computer and send it to online criminals. It may also allow the criminals to take control of the infected computer.FedEx has long been targeted in similar malware campaigns, as have other delivery services, including DHL, UPS, and the Royal Mail. Be very cautious of any unsolicited email that claims that a package sent to you has been delayed and you must click a link or open an attached file to provide further information.
Last updated: December 12, 2013