FedEx notification malware attack spammed out

Take care when opening your email inbox, as malicious hackers have spammed out another malware attack posing as a parcel delivery notification.

The emails, which pretend to be related to a FedEx package delivery, have been sent out via spam email to addresses around the world. But if you open the attached file – called document.zip – you risk infecting your Windows computer.

Dear customer.

The parcel was sent your home address.
And it will arrive within 7 business day.

More information and the tracking number are attached in document below.

Thank you.
© FedEx 1995-2011

All of the emails we have seen in this latest campaign use the subject line “FedEx notification #XXXXX” (where “XXXXX” is a random number), although obviously this could be changed by the attackers at any time.

Sophos products intercept the malware attack as…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.