Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









FedEx 'Verify Your Identity' Malware Emails

Outline
Email purporting to be from delivery company FedEx claims that a package delivery could not be completed because important information was missing.  Recipients are instructed to click a link to verify their identity or risk having the package returned to sender.

Safety concept: circuit board with Malware

© Depositphotos.com/ maxkabakov



Brief Analysis
The message is not from FedEx. Links in the email open a fake FedEx website that invites users to download "verification manager" software. If downloaded and run, the bogus "verification manager" will install malware on the user's computer.

Bookmark and Share

Example

From: FedEx UK
Subject: Package for you

SHIPPING CONFIRMATION
Dear [email address removed]

We have a package for you!
Unfortunately some important information is missing to complete the delivery.
Please follow the link to verify your identity:

verify your identity now!

You have 24 hours to compleate the verification! Otherwise the package will be returned to sender!

Order confirmation number: 56749951703

Order date: 03/12/2013

Thank you for choosing FedEx.

fedex.com

FedEx Malware


Detailed Analysis


According to this message, which claims to be a shipping confirmation from international delivery company FedEx, a package en route to the recipient has not been delivered because important information is missing.

The message claims that the recipient must click a link to verify his or her identity and warns that if the verification is not completed within 24 hours, the package will be returned to the sender.

However, the email is not from FedEx. In fact, it is just one incarnation in a long line of fake "delayed package delivery" emails designed to trick people into installing malware on their computers.

Those who fall for the ruse and click the link will be taken to a bogus website tricked up to resemble a genuine FedEx webpage.  Once on the page, they will be instructed to download and install a piece of software called the "FedEx Verification Manager", as shown in the following screenshot:
 
FedEx Malware

However, following the instructions will not install a verification manager as claimed. Instead, it will install a trojan on the victim's computer. Typically, such trojans can harvest sensitive information from the compromised computer and send it to online criminals. It may also allow the criminals to take control of the infected computer.

FedEx has long been targeted in similar malware campaigns, as have other delivery services, including DHL, UPS, and the Royal Mail.  Be very cautious of any unsolicited email that claims that a package sent to you has been delayed and you must click a link or open an attached file to provide further information.

Bookmark and Share

Last updated: December 12, 2013
First published: December 12, 2013
By Brett M. Christensen
About Hoax-Slayer

References
FedEx Incorrect Delivery Address Malware Email
DHL Notification Malware Email
Not Able to Deliver UPS Package Malware Email
Royal Mail Lost or Missing Package Malware Email