The package delivery company, FedEx, has been the recent target of a phishing scam targeting English and Italian speaking customers.

This phishing scam targeting FedEx customers uses a sophisticated social engineering scheme that involves the one thing we all want- our packages delivered.

This scam is currently limited to only English and Italian speaking customers, with many researchers believing these cyber criminals are trying to figure out which language generates the most traction.

Attackers are using the recipient’s fear of not getting their package delivered to their advantage. Cyber criminals start off by sending emails dressed up to look like an official FedEx correspondence with a malicious attachment attached to the email. The email states that the victims’ package was brought to the residence, but no one was home to sign for it, so they must visit a FedEx office within 48 hours or the item will be returned to sender. The email ends by asking the victim to print out the attached document which is required in order to pick up the package. Once the attachment is clicked, the malware is downloaded, causing the victim's computer to be corrupted.

Researchers at Comodo Threat Research Labs did not specify what kind of malware is inserted into the victim's PC, but they have confirmed that no ransomware has been detected in this campaign.

Comodo noted that other than a few formatting errors, the fake emails are very hard to spot. Unfortunately, this means the bad guys are getting that much better at tricking their victims by mimicking logos and color schemes used by corporations to appear legitimate.

FedEx has responded to this phishing attack and stated, “FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information.”

From an enterprise standpoint, reliable threat intelligence needs to be implemented to disturb any malware that enters the arena. It’s important to implement a layered security approach to your IT estate, and by working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.

With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance management, System Hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.

 

Read this article on SC Magazine

 

 

 

 

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.