Confirmation from FedEx Email

An email about Walmart.com Returns with the subject of Confirmation from FedEx Email/Online Label pretending to come from FedEx Email/Online Label NoReply <no-reply@packagetrackr.com> with a malicious word doc is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential. They are using email addresses and subjects that will entice a user to read the email and open the attachment.

The email looks like:

These malicious attachments normally have a password stealing component, with the aim of stealing your bank, PayPal or other financial details along with your email or FTP ( web space) log in credentials. Many of them are also designed to specifically steal your Facebook and other social network log in details.

This email has what appears to be a genuine word doc or Excel XLS spreadsheet attached which contains a macro script virus. Modern versions of Microsoft office, that is Office 2010 and 2013 and Office 365 have Macros disabled by default, UNLESS you or your company have enabled them.

Sharing is caring!
Share

Tweet LinkedIn

4 Comment(s)

vilas bansode

Nov 06, 2015 14:46

pls send data for save word documents from viruse.

Reshma W

Nov 03, 2015 21:04

thank you

Nov 03, 2015 17:26

thx for the information ,but how could we recognised that particular mail was fraud

NPAV-Lab

Nov 03, 2015 18:27

Downloaded malware has different versions, some with word doc attachments and some with Excel xls attachments. There are frequently 5 or 6 download locations all delivering exactly the same malware. They ask you to enable editing to run the macro script virus.

NPAV Logo

Confirmation from FedEx Email – word doc malware