FedEx notification malware attack spammed out

Take care when opening your email inbox, as malicious hackers have spammed out another malware attack posing as a parcel delivery notification.

The emails, which pretend to be related to a FedEx package delivery, have been sent out via spam email to addresses around the world. But if you open the attached file – called – you risk infecting your Windows computer.

Malicious FedEx notification email

Dear customer.

The parcel was sent your home address.
And it will arrive within 7 business day.

More information and the tracking number are attached in document below.

Thank you.
© FedEx 1995-2011

All of the emails we have seen in this latest campaign use the subject line “FedEx notification #XXXXX” (where “XXXXX” is a random number), although obviously this could be changed by the attackers at any time.

Sophos products intercept the malware attack as Troj/Bredo-FN.

As Duck described in his recent 90 second news video, scammers are banking on the coincidence that you really are waiting for a parcel to be delivered when one of these fake package notification emails arrives.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)