A New Twist on Phishing: Fraudulent FedEx Email Attacks
In the wake of a flood of phishing email attacks masquerading as news bulletins, hackers have recently launched attacks disguised as FedEx express delivery tracking emails. These hackers use botnet computers to send emails with FedEx package tracking numbers telling recipients that the delivery of their parcel has run into some problem: the address contains an error, the recipient's name does not exist, customer reconfirmation is required, or pick-up is required. A compressed zip file is attached to the email, and the customer is asked to decompress the file, print it out, and send it back. The zip file is actually a malicious program, however, and if opened by an unsuspecting recipient, it will automatically install a backdoor program that can steal sensitive data on the computer.

This type of email attack relies on social engineering. For instance, a package tracking number may be used to obtain the recipient's trust, or the email may provide notification of a package ready for pick-up. And since the payload arrives as a compressed zip attachment, a backdoor program can be installed on the user's computer without the user visiting a malicious web site.

CGAC immediately issued an anti-spam database update after detecting this type of email attack on the 22nd; the update will protect users by effectively controlling the spread of the attack and the volume of fraudulent email.
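A mail-gateway triage check for the pattern described above, added here as an example and not taken from CGAC or its anti-spam update. The lure keywords, the list of risky file extensions, and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristics (not from the article): lure wording and risky extensions.
LURE_WORDS = ("fedex", "tracking number", "parcel", "delivery")
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".js", ".vbs")

def risky_zip_members(data):
    """Return names of archive members that have an executable extension."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(RISKY_EXT)]
    except zipfile.BadZipFile:
        return []  # not a readable zip; nothing to list

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    body = msg.get_body(preferencelist=("plain",))
    text = str(msg["Subject"] or "") + " " + (body.get_content() if body else "")
    if any(word in text.lower() for word in LURE_WORDS):
        findings.append("courier-lure")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip") or part.get_content_type() == "application/zip":
            findings.append("zip-attachment")
            for member in risky_zip_members(part.get_payload(decode=True)):
                findings.append("executable-in-zip:" + member)
    return findings

def build_sample():
    """Constructed sample: a zip attachment holding harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Shipping_Label.exe", b"placeholder, not a real program")
    msg = EmailMessage()
    msg["From"] = "FedEx Support <notice@example.com>"
    msg["To"] = "user@example.org"
    msg["Subject"] = "FedEx tracking number 0000000000: delivery problem"
    msg.set_content("The address contains an error. Print the attached label.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="label.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

A message that produces all three findings together is a candidate for quarantine; any one finding alone is common in legitimate mail.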
