Monday, May 29, 2017
Home / Malware / Fake FedEx Emails lead to Blackhole exploit kit

Fake FedEx Emails lead to Blackhole exploit kit

Security researchers have revealed a new mass phishing crusade, attached to the Blackhole exploit kit, which is directed at FedEx customers.

Symantec and Webroot issued statements supporting they had discovered a large amount of malicious, malware-containing emails taking the form of ffake FedEx receipts.

Researcher Shunichi Imano of Symantec writes, “All the fake FedEx emails delivering this malware are almost identical except for the order numbers and the website the zip file is hosted on. One sign of laziness, or perhaps an oversight on the part of the malware author, is an consistent order date. The author does change the domain where Trojan.Smoaler is hosted daily. The following emails were spammed out in 2013 on January 21, 25, and 26.”

“We have received reports of fraudulent emails claiming to come from FedEx regarding ‘undeliverable’ shipments and fake FedEx delivery notifications,” warned FedEx.

“The emails are asking you to click on a link and print a receipt to take to your nearest FedEx location. FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information.”

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …