According to this email, which claims to be a shipment notification from delivery company FedEx, you can view a tracking update by opening an attached file. Supposedly, FedEx sent the email in response to a request for a tracking update.
However, the email is not from FedEx and the attachment does not contain parcel tracking information.
In fact, the attachment contains malware. The attached .zip file contains a .exe file that, if opened, can install the malware on your computer. The exact type of malware installed may vary. Typically, however, such malware can download further malware, steal sensitive information such as account passwords, and allow online criminals to access and control the infected computer.
The FedEx name has been used in a number of malware campaigns in recent years. Other versions of the malware email try to trick people into opening an attachment by claiming that the delivery of a parcel has failed due to an incorrect address. The scam messages instruct the recipient to print a mailing label contained in the attached file. However, as in this version, the attachment contains malware.
Similar malware campaigns have used the names of other well-known delivery companies, including USP, USPS, and TNT.
Be wary of any unsolicited email that purports to be from a delivery company and claims that you can access information about a parcel delivery by opening an attachment or clicking a link.
This tracking update has been requested and attached to this email
Reference information includes: Invoice number, Reference, Special handling/Services, Residential Delivery. Reference information is attached to this email.
Tracking number: 697372580339
To learn more about FedEx Express, please visit our website at fedex.com.
Thank you for your business.
FedEx_report_update_ref.06346552.zip contains FedEx_report_update_ref.06346552.exe