Failed to deliver your package in 48hrs!!! Here have some malware instead

A new wave of mass-mailed Fedex spam is circulating this fine Thursday morning. The text from the message reads as follows (with slight variations in the tracking number, month and date fields):

Subject: Tracking N <some random digits>

Unfortunately we were not able to deliver postal package you sent on <Month> the <date> in time
because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office

Your FEDEX
http://www.fedex.com

The attached zip archive and the executable inside the archive is detected by us as Troj/FakeAV-BY. This is yet another mutation of spam which also brought you:

  • Your Online Flight Ticket N <some random digits>
  • Fedex Tracking N_ <some random digits>
  • Fedex tracking number <some random digits>

Please be careful about attachments from unknown sources in your email and don’t rush to the nearest Fedex office looking for that long overdue package; Fedex usually calls versus mass emails :)