Debunking hoaxes and exposing scams since 2003!

Jump To: Example   References

Fake CargoSmart 'Sea Waybill Notification' Email Contains Malware

Jump To: Example   References

This email, which purports to be from shipment management software provider CargoSmart, claims to be a sea waybill notification about a recent shipment. The email claims that the Bill of Lading (BL) draft for the supposed shipment is ready for your review. The email includes an attached file that some recipients may believe contains the BL draft.

However, the email is not from CargoSmart and the attached file does not contain a Bill of Lading or any other official document. Instead, the attached .zip file harbours a dangerous executable file that, if opened, can install malware on Windows based computers.

The exact nature of the malware payload may vary. Typically, however, such malware can download further malware, steal sensitive information such as banking passwords, and allow online criminals to control the infected computer from afar.

This malware campaign is fairly sophisticated. The email includes the CargoSmart logo and links in the email open pages on the genuine CargoSmart website. The message even includes a privacy and security statement that you might expect to find in a genuine shipment notification. And, the sender email address has been spoofed to make it appear that the message really was sent by CargoSmart.

The scammers know that at least a few people will open the attached file because they think that they have received an unexpected shipment. Or, recipients may be concerned that their personal and financial information may have been compromised.

Such simple social engineering tricks can be very effective. A similar malware campaign that has claimed victims all around the world over the last several years consists of fake notification emails that claim that a package delivery has failed due to an addressing error. The emails include attachments that contain malware or link to malware websites.

If you receive one of these bogus CargoSmart emails, do not click any links or open any attachments that it contains.



Bookmark and Share


Subject: OOCL - B/L:0427578788(XIN YANG PU DOQ7H) - BL Draft is Ready for Review

Dear Customer, CargoSmart is pleased to provide you with the following sea waybill notification:

Carrier: OOCL
SEA WAYBILL Number: 0427578788

Document Type Number of Prints
Ver 2 Draft 3
Received on: 29 Sep 2015, 05:17 GMT
Vessel Voyage: XIN YANG PU DOQ7H
Shipper's Reference:
Carrier Remarks:

For My OOCL Center user:
You can directly "Accept" this Draft B/L by the link: Accept
You can directly "Change Request" to this Draft B/L by the link: Change Request

For My CargoSmart Center user:
You can directly "Accept" this Draft B/L by the link: Accept
You can directly "Change Request" to this Draft B/L by the link: = Change Request

If you would like to check the details of this bill of lading document(s), please visit our CargoSmart Center at

For Technical Support, please contact CargoSmart Support. For shipping assistance, please contact the carrier= customer service centers.

Thank you for using CargoSmart, the customer preferred choice.

CargoSmart Customer Care

Fake CargoSMart Malware Email

Laptop with malware stamp

Last updated: October 6, 2015
First published: October 6, 2015
By Brett M. Christensen
About Hoax-Slayer

Fake FedEx 'Shipment Notification' Email Contains Malware