Does this look like a phishing attempt to you?

Yesterday I received this email:

The email address looked convincing enough. Fedex.com is the real website for FedEx. Day-definite is a legitimate shipping service FedEx provides. I find it a bit odd that a customer service email would come from an email address named after a shipping method, however.

The next red flag that went up was the zip file. FedEx would never send zip files, especially if it actually was just an invoice. A further inspection of the zip file revealed there was a executable file within it. I run a mac OS so it’s not as if an .exe file would have even ran on my computer. Many of these phishing attempts are targeted at windows users, but I still wouldn’t go around clicking odd attachments in emails myself.

I googled the subject of the email and found a very similar fishing attempt that went around from UPS a few years ago. I couldn’t find anything too recent however, so I assume this is a fairly new round of attacks. If you were to click the attachment, the executable file would appear on your desktop with a microsoft word icon, to trick you into clicking it.

I’m still curious how they were able to get an email address from the real FedEx domain though.

Advertisements

4 thoughts on “Does this look like a phishing attempt to you?

  1. I’m pretty sure that was a phishing attempt. I always thought those emails were pretty ridiculous, they never seemed professional enough and most of the ones I’ve seen have had a couple of grammar errors. But I do have to agree with you on their ability to get an email address with the FedEx domain, I mean how easy could it be to do something like that?

    • Yeah, the actual body of the email wasn’t too impressive. I believe most FedEx emails have a bit of formatting to them (a picture header/logo, etc.) too. If you take the time to think about it, it should be pretty clear. I can understand how people might fall for this if they just read it quickly though.

  2. Without a doubt, I think that this is a phishing attempt, I have never heard of FedEx asking a customer to print out a form and bring it to their office. They never even suggested which FedEx office to bring the downloadable form to. It’s also interesting as you noted before that they have used the FedEx.com domain name as their email address.

  3. You don’t actually have to have a FedEx email account to send mail “from” fedex.com. There are loads of mail relays out there that will send emails that look like they came “from” any address — http://deadfake.com/ is one of them. If you tried to reply to this message, I think the fedex.com mail server would probably reject it, since it’s not likely an actual email address on their server.

Comments are closed.