Don’t fall for this fraudulent FedEx phishing email

Posted by Jaclyn McRae on 11 November 2016 15:56:37 AEDT

An opportunistic new fake FedEx email scam tries to dupe recipients into handing over their Microsoft account details. 

Detected by MailGuard, the phishing email is designed to look like a FedEx shipment notification.

FedEx fake shipping notification MailGuard.jpg

It addresses the recipient by name and is sent from ‘trackingupdates@fed-ex.com’. While it’s a plausible-looking address, the real FedEx sending domain doesn’t have a hyphen. A link in the email, called ‘Track parcel’, directs the recipient to a webpage hosted in Dropbox.

FedEx fake shipping notification MailGuard2.jpg

It tells users they must sign in to view the package, and then redirects to a fakeOffice 365 phishing page.

FedEx fake shipping notification MailGuard3.jpg

Those who hand over their user name and password at the fake page are then directed to the real OneDrive home page.  

FedEx fake shipping notification MailGuard4.jpg

FedEx warns: Be on alert for scams
The delivery company says similar phishing emails contain the subject lines “Shipping Conformation,” “Verify Info”, “Some important information is missing” and “Please fulfil the documents attached to verify your identity.”

Some of those variants have been known to contain viruses or other malware. 

“FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information,” FedEx advises. 

“If you receive a message matching this description below, do not open the email or click on the attachment. Delete the email immediately or forward it to abuse@fedex.com.” 

The danger of falling for a phishing scam 

As many people – dangerously – use the same log-in and password information across many internet sites, victims who provide their email account details to scammers may inadvertently hand over the keys to their bank accounts and other personal information. 

Aside from losing access to your email account, you could soon discover other accounts have been infiltrated. 

The top tell-tale signs of phishing scams

  • A sense of urgency in the email
  • Bad grammar, poor spelling, misuse of punctuation
  • Requests to verify email account information
  • Illegitimate links (hover over them and you can tell if the link matches the purported destination)
  • Generic greetings such as ‘Hello sir’
  • Obscure sending addresses, or the use of a hyphen in the name to trick recipients
  • Distorted logos/poor quality graphics

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.


Keep Informed with Weekly Updates

 

^ Back to Top

Topics: Phishing Cyber Criminals email scam Email Spam Scam FedEx Shipping notification

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all