Scam of the day – December 23, 2012 – Federal Express Phishing scam

Shown below is a copy of an email that I received recently that purports to be from Federal Express informing me that a delivery was attempted to be made to me of a package someone had sent to me, but that the attempt was unsuccessful.  The email instructs me to click on a link to print out a postal receipt to take to the nearest Federal Express office in order to retrieve the package.  Don’t click on the link either in an email that you might receive or the one shown below because to do so would only download on to your computer a keystroke logging program that will steal all of the information from your computer including passwords, credit card numbers, your Social Security number and other personal information that would end up making you a victim of identity theft.  If you look closely at the email, you will note that even though it has the Federal Express logo and looks quite official, there are a number of tip offs that this is indeed a phishing scam intended to look like a legitimate email, but actually intended to get you to download malware.  What is not shown on the email as copied below is that it is sent from an address that is not that of Federal Express.  The email also only refers to me as customer rather than by my name.  It is also important to note that the communication came to my email address which is not information that Federal Express has for the receiver of a delivery.  The email also refers to “the post office” while Federal Express deliveries are not made to post office.  Finally, you should note the poor grammar where it reads, “go to the nearest our office.”  Poor English grammar is often an indication of a scam that has not originated in the United States or an English speaking country.

TIPS

If you receive on any email from a company that asks you to click on a link, you should hesitate to do so, particularly if it appears bogus as this one does.  If you have the slightest thought that the email may be legitimate, rather than click on the link, go to the website of the company, which in this case is www.fedex.com.  If you had done so in this particular case you would have found a holiday email scam alert informing you that the email is a scam.

Here is the copy of the email I received.

FedEx  
   
Order: VGH-5698-0841660613  
Order Date: Friday, 14 December 2012, 01:21 PM<*+++/td>

Dear Customer,

Your parcel has arrived at the post office at December 20.Our courier was unable to deliver the parcel to you.

To receive a parcel, please, go to the nearest our office and show this receipt.

 

     

DOWNLOAD POSTAL RECEIPT

    Best Regards, The FedEx Team.