Blog Posts

Beware FedEx Virus Email

Last night, I received the latest email that was sneaky enough that I wanted to share it with you. Because we're going into the Christmas season, I'm afraid this may get some of you. Since our livelihoods are on our computers – I felt it my obligation to share.

Note: The offending email is NOT sent by FedEx. It's a virus sent pretending to be from FedEx. FedEx even has a warning page on their site here: Avoid Fedex Hoax

This is what the email that I received looks like. If it's too small to read, I have the text below.

It says this.

Dear Customer,

Your parcel has arrived at the post office at November 28. Our postrider was unable to deliver the parcel to you.

To receive a parcel, please, go to the nearest our office and show this postal receipt.

GET POSTAL RECEIPT

Best Regards, The FedEx Team.

Why this is so sneaky.

I order a lot of stuff online, so it's very likely that I missed a package.

It's the holiday season so I get a lot of gifts from my readers, people that I promote, and my team.

So, I figured, maybe I missed something, even though I'd already had red flags up in my mind.

Here's what happened.

  • The “Get Postal Receipt” if you hover over it shows an .html link, but it actually redirected to a .zip file which started to load.
  • I knew what it was, but wanted to check it out for this blog post. When I opened the .zip file I found an .exe file.
  • At that point, I permanently deleted the .zip file, by doing a “shift” + “delete” on my computer.

Please beware of emails like this. Like I said, because your business is online, we have to be EXTRA careful of anything that can harm our computers.

Red Flags that I KNEW but yet Ignored Were:

1. Email did not come from FedEx.com which was my first warning. But, it sounded like it might be a service, like aweber or infusionsoft – and I was in a hurry, which is never good when faced with a virus. I could blame the wine…  Anyway, I clicked. UG.

2. When hovering over the download link, it was not FedEx.com either.

3. There was no Unsubscribe or Contact info at the end of the email – which FedEx would have had there, if it was a legit email.

Please be safe. The holiday season can bring out the best and the worst in people.

I hope and pray that your holiday season is blessed and profitable.

Warmly,
Nicole Dean

PS. If you missed my post a few weeks ago, also read about The Skype Virus and How to Avoid It.

I adore comments! Please share your thoughts.

  • Regina Smola
    Reply

    Great catch Nicole!

    It’s all to common that spoof emails are sent out and many people get tricked into clicking links, and then get their computer infected 🙁

    Unfortunately, they seem to be more common during the holiday season for ones like these.

    When you get emails like these, one of the first things to look at is the Sender’s email address. In this case it’s from PostalService and an email from mesa.com, which should make you stop and think.

    Then look at the body of the message for proper English (not that all my emails are grammatically correct LOL). In this message they put “at the post office at.” FedEx would not use the words “Post Office” and the second at should be on. (Hey there spam guy if you’re reading this you should take classes for English as a second language LOL).

    What is so tricky about this email is that the link to download was masked as an html file even though it was a zip.

    Thanks for catching this and sharing with all of us Nicole!

  • Eleanor
    Reply

    Thank you Nicole, I hate it when I get emails like this. Not to mention there are so many people that are coming on line to find ways to make an extra income that may not be wise to these methods yet. Have a wonderful weekend. – Eleanor

  • Sharyn Sheldon
    Reply

    Like Regina said, good English is always a giveaway – if you read it. Since when have the post office and FedEx had anything to do with each other?

    A few things I immediately noticed was “postrider” (never heard that word before), “a parcel” (should be “your package”) and “the nearest our office” (huh?).

    The problem is that most of us skim and it’s easy for these to slip by us.

    Good thing your red flags came up in time! Thanks for sharing it.

    • Nicole
      Reply

      Sharon, Exactly. 🙂

      The skimming was what caused me to even click in the first place. Now, it’s so obvious, but I speed read it and only saw a few key words. I even knew better as I was doing it, too.

      I hope, by sharing my goofups, it prevents someone else from making the mistake.

      Thanks, as always, for commenting!
      N

  • Andrew
    Reply

    “To receive a parcel, please, go to the nearest our office and show this postal receipt.”

    Always look for (too) obvious grammar errors that appear in these type of messages. I have never received a spam mail not failing at really basic grammar!

    The parcel thing is a classic 🙂 received several of those. Thanks for the warning, Nicole – and even though it’s early, since you’ve mentioned Christmas and it’s snowy outside in my country – Merry Christmas to you!

  • Lisa Marie Mary
    Reply

    Thank you so much for sharing this, Nicole! I got one that was sort of like that, though I think it might have been made to look like it came from the post office. I can’t exactly remember, but, now I know for sure to be extra cautious! 🙂

  • lotusdragon
    Reply

    Thank You Nicole (and others for your insights) your email warning was very timely.

    I usually spot such, but these!!! got past me, luckily I only clicked on one before I searched/ checked back and saw several (including lots of dosh from Nigeria types) over the last month, I even phoned my local post office. Luckily I can not open .exe and deleted very quickly anyway.

    I live in UK so Fedex leaving packages at the Post Office did not jump out as odd… thank you all for extra details to watch out for. One I should have spotted there was NO PERSONALISATION ie neither my name or address (or which post office or a card left through door). I got some from ‘paypal’ and my bank that also lacked these personal details, i usually think not to click on links.

    An intelligent forum friend, got her lifesavings ripped off by a Nigerian who she felt she was really deeply in love with… never known such love, who of course did not even exist.
    I usually spot such on forums and post a warning to others on their page, warn admin and check and warn the newbies that they usually target.. if… i can keep up with the speed they post… yet still they occasionally get past me. NEVER RESPOND TO ONES ASKING FOR EMAIL CONTACT is the advice given.

    One email in the past was such a friendly sounding one … although pressed the intended panic button … saying my biz was under investigation… yikes!!! and ironic as all has been outgoings so far.
    Too many emails does tend me to semi skim … yet another reason to unsubscribe from most lists … though guess whose I will be staying on ❤

  • Amanda
    Reply

    Thanks a bunch, Nicole!
    Just received one of these the other day and I had the same thoughts. It was entirely possible that I missed a package. The warning bells were very loud, so I didn’t click, and as other readers pointed out, grammar is one of the major things I look for in a business email.
    Great post!

  • RG
    Reply

    Companies never send out emails that have file extension of zip anymore. If you get an email and the last 3 letters after the period are zip this is virus. Also, before you click on ANY link in an email hover over the link with your mouse and if the link is taking you someplace strange with random letters you know this is a bad thing. One other word or advise NEVER and I mean NEVER click the UNSUBSCRIBE link in an email. The unsubscribe link verifies to a spammer that you indeed received an opened their email. It should be labeled the PLEASE SEND ME MORE SPAM link instead.

  • Michael Evans
    Reply

    Good looking out, these things make my stomach turn. This Fedex one really needs to be pointed out, Thanks.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Tweet
Share
Share
Pin
Reddit