Confirmation from FedEx Email – word doc malware

An email about Returns with the subject of Confirmation from FedEx Email/Online Label pretending to come from FedEx Email/Online Label NoReply <> with a malicious word doc is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential.  They are using email addresses and subjects that will entice a user to read the email and open the attachment.

The email looks like:

These malicious attachments normally have a password stealing component, with the aim of stealing your bank, PayPal or other financial details along with your email or FTP ( web space) log in credentials. Many of them are also designed to specifically steal your Facebook and other social network log in details.

This email has what appears to be a genuine word doc or Excel XLS spreadsheet attached which contains a macro script virus. Modern versions of Microsoft office, that is Office 2010 and 2013 and Office 365 have Macros disabled by default, UNLESS you or your company have enabled them.



Sharing is caring!


    1. Downloaded malware has different versions, some with word doc attachments and some with Excel xls attachments. There are frequently 5 or 6 download locations all delivering exactly the same malware. They ask you to enable editing to run the macro script virus.

Leave a Reply

Your email address will not be published. Required fields are marked *