Fake FedEx E-mails Flood the Web
A new e-mail malware campaign has hit record levels in the past 24 hours.
More than 21 million spam e-mails claiming to be notification of non-delivery from FedEx (NYSE: FDX) have hit the Web, managed e-mail security vendor MX Logic's vice president of information security Sam Masiello told InternetNews.com.
This accounted for about 80 percent of all the e-mail borne malware over the 24-hour period, Masiello said.
This is the third round of e-mail spams purporting to come from courier companies in the past few weeks, and the one with the highest volume, according to Masiello. The first two purported to be from UPS (NYSE: UPS) and DHL, but "they only numbered in the tens of thousands," he added. "That goes to show you what good social engineering and a well-known brand can do for you."
Social engineering is the art of manipulating people into doing something like going to a Website, or divulging confidential information. Many spammers either get their victims to click on Web sites that download malware into their computers or get them to provide their personal information through various pretexts.
The fake FedEx e-mails use various come-ons, such as including a tracking number or claiming the recipient has a package in the subject line. According to MX Logic, the e-mails say the recipient sent a package on July 25 but it had not been delivered because the address was incorrect, and ask the recipient to print out an attached invoice and collect the package at the FedEx office.
The attached invoice is a .zip file which contains the malware, MX Logic said. Once a recipient clicks on it, the code in the file infects his computer.
While the notice looks exactly like something FedEx would send out, the fact that it does not state which FedEx office to go to in order to collect the package is "a dead giveaway," Masiello said. That also proves that the e-mails are being sent out blindly and are not harvested from FedEx's databases, so it's not an inside job, he added.
MX Logic has not tracked down the senders yet. "It's hard to find out who's in charge of botnets because they use distributed machines all around the world and there's no one central point," Masiello explained. "That's why there are so few arrests made."
While there is the odd news story about someone being arrested for sending out mass spam mailings, that's "nothing compared to what's out there," Masiello said. "The rate of return on this is very low."
Be an Expert Fingerer. Hottest Free Sex Toy Isn’t on the Market
-
How to Be an Expert Fingerer: The Hottest Free Sex Toy Isn’t on the Market
*To make it even better! Hand selected by your dedicated friends at
Liberator, th...
1 year ago
1 comments:
Hello,
(I failed to find your email address and therefore write you here instead. Could you please get back to me by email? Carl@factualtv.com)
I found your blog through a blog directory for society related blogs. I took a liking to yours and a few others that I went ahead and contacted. My name is Carl Wahlström and I represent factualTV. We’re a themed-based on-demand tv-service on the net focusing on documentaries. From our site you can watch thousands of documentaries free of charge and also purchase and download documentaries to DVD-quality. We want to provide an option to all brainless entertainment circling media today and yet be entertaining.
I would like to recommend you to check out our Society section on our site. You can do so here; www.factualtv.com/society. It’s my belief that your readers might take interest to what we have to offer in this section. I therefore wonder if you would consider posting a link or adding us to your blog roll? Or maybe even writing a review? Any help would be immensely appreciated. I hope this can work out.
All the best,
Carl
carl@factualtv.com
www.factualtv.com
Post a Comment