FedEx phishing emails


Not only banks are a target of phishers, also FedEx is quite interesting when it comes to phishing attempts. MX Lab, http://www.mxlab.eu, intercepted some phishing emails with the subject “Your fedex.com account will soon expire!”.

The email is send from the spoofed address “FedEx Online Services <OnlineServices@fedex.com>” and has the following body:

Account Requires Complete Profile Update, We have recently detected that different computer user had attempted gaining access to your Online account, and multiple password was attempted with your user ID. It is now necessary to re-confirm your account information to us. If this process is not completed within 24-48 hours. We will be forced to suspend your Account Online Access as it may have been used for fraudulent purposes.

Please log on Otherwise your user ID and profile will be deleted from our records.

Log in Here

Thank you.

*fedex.com user ID’s are case sensitive.

fedex.com

A screenshot of the email:

When following the URLs you are lead to hxxp://www.akcila.pl/fedex/index.htm that is a fake FedEx login page.

The page http://www.akcila.pl/fedex/kay.php will process the submitted credentials and redirect you to the real fedex.com homepage.