FedEx system notification From FedEx Return-Path: <18infov@fedex.com> Date: Tue, 05 Apr 2011 Reply-To: "FedEx" <18infov@fedex.com> From: "FedEx" <18infov@fedex.com> Message contains attachments1 File (7KB)(Virus) 198.47.214.204 Unknown Unknown Unknown Dear customer The parcel was sent your home adress And it will arrive within 10 business days More information and the tracking number are attached in document below. Thank You © FedEx 1995-2011 also FedEx system notification Return-Path: <84infotmkif@fedex.com> Date: Tue, 05 Apr 2011 From: "FedEx" <84infotmkif@fedex.com> To: <kdmtar@yahoo.com> Subject: FedEx system notification 52.185.247.114 E.I. du Pont de Nemours and Co. Wilmington United States 4.226.150.54 Level 3 Communications Cleveland United States Dear customer The parcel was sent your home adress And it will arrive within 10 business days More information and the tracking number are attached in document below. Thank You © FedEx 1995-2011 and FedEx system notification Return-Path: <43infoqqbid@fedex.com> Date: Tue, 05 Apr 2011 02:30:10 +0400 From: "FedEx" <43infoqqbid@fedex.com> Subject: FedEx system notification 51.159.153.234 UK Government Department for Work and Pensions n/a Great Britain 95.24.192.173 Investelektrosviaz Ltd. n/a Russian Federation Return-Path: <43infoqqbid@fedex.com> Date: Tue, 05 Apr 2011 From: "FedEx" <43infoqqbid@fedex.com> Subject: FedEx system notification Message contains attachments1 File (7KB)FedEx.zipCompact (Virus) Headers Dear customer The parcel was sent your home adress And it will arrive within 10 business days More information and the tracking number are attached in document below. Thank You © FedEx 1995-2011
Federal Express Canada Ltd. FedEx www.fedex.com Federal Express tracking numbers # 417882 The parcel was sent your home adress. And it will arrive within 5 buisness days. More information and the parcel tracking number are attached in document below. Thank you Federal Express Canada Ltd. and FedEx. All rights reserved.© 1995-2011 FedEx
From FedEx system Return-Path: <info521060@fedex.com> Received: from 141.85.254.57, Romania, "Politehnica" University of Bucharest Date: Tue, 17 May 2011 From: "FedEx system" <info521060@fedex.com> Message contains attachments 1 File (8KB) * FedEx mail.zipFedEx mail.zip May 2011 FedEx www . fedex . com Federal Express tracking numbers # 4827680 The parcel was sent your home adress. And it will arrive within 5 buisness days. More information and the parcel tracking number are attached in document below. Thank you Federal Express Canada Ltd. and FedEx. All rights reserved.© 1995-2011 FedEx
We are clean now We had an infected PC, which was cleaned. All is OK now, our server is not an "open relay", and it doesn't send spam. Thank you.
It doesn't matter whether you have an open relay or not. Someone used your server to send a phishing mail.
141.85.254.57 is safe Hello, I'm one of the sysadmins of 141.85.254.57 (alpha.imag.pub.ro). Please be so kind as to remove our IP from the blacklist. The problem was in May 2011, when a XP computer on the network got infected. This infected computer was sending the virus traffic. I personally formatted the hard drive and now all is clean. I checked also the other computers (all the computers are seen from outside with the same IP, the one of the Linux server). So, again, please be so kind as to remove our IP, 141.85.254.57, from the blacklist. Thank you very much, dr.ing. Serban OPRISESCU, Image Processing and Analysis Laboratory, University POLITEHNICA from Bucharest, ROMANIA
FedEx, 2012 I got this a couple days ago. I'm not expecting any packages and there was no notice at my house. Is it a known scam ploy ? It has an attachment (FedEx_Inv...zip Download(40.4 KB)) that I did not open. thanks USPS Invoice copy NO#3906 FedEx Customer Service FedEx Customer [Serviceyour-information@fedex.com] From: FedEx Customer Service (your-information@fedex.com) Sent: Tue 1/31/12 1:53 PM Notice, Your package has been returned to the FedEx office. The reason of the return is - Error in the delivery address. Please print out the invoice copy attached and collect the package at our office. FedEx Global Mail.
SCAM - PROBABLE MALWARE - DO NOT OPEN THE ATTACHMENT Yes, it's a scam, & the attachment is very likely to be malware. It's a known ploy to insert a Trojan onto your box, which will then install botware, or a key-logger, or some other horror that you don't want.
From FedEx Service Return-Path: <_www@mail.my303.com> Received: from 206.124.23.20, United States, Denver, Forethought.net Subject: Fedex Tracking number NO#6417 From: "FedEx Service" <our.customers@fedex.com> Reply-To: "FedEx Service" <our.customers@fedex.com> Date: Fri, 17 Feb 2012 Invoice_ID48154.zip Your package has been returned to the FedEx office. The reason of the return is - Error in the delivery address. Please print out the invoice copy attached and collect the package at our office. FedEx Global Services.
When I got this in my inbox (on Feb 11th), I was automatically suspicious, however, I'm expecting a package so I opened it. The attached zip contains an .exe file, likely a trojan or similar. I'm not sure since I run Linux, and therefore don't have to worry. Anyone getting this should be very cautious. Also the address it was from was "our-customers@fedex.com". The content was the same as the others.
abuse Track your shipment NO#7448 From FedEx Information [customer-information@fedex.com] Invoice_ID57514.zip (55 KB) FedEx notice, Your package has been returned to the FedEx office. The reason of the return is - Error in the delivery address. Please print out the invoice copy attached and collect the package at our office. FedEx Customer Services
Zip file attached. From FedEx Express Services Return-Path: ~annesol@mw48.webservidor.net> Received: from 189.113.2.70, Sao Paulo, Brazil. Comite Gestor Da Internet No Brasil Subject: Your package is available for pickup From: "FedEx Express Services" ~customer-assistance@fedex.com> Reply-To: "FedEx Express Services" ~customer-assistance@fedex.com> Date: Sun, 19 Feb 2012 FedEx notice, Your package has been returned to the FedEx office. The reason of the return is - Incorrect delivery address of the package. Please print out the invoice copy attached and collect the package at our office. FedEx Global.
From FedEx inc Return-Path: <thadlorett@fedex.com> Received: from 82.80.102.10, Israel, Tikva Bezeq International-ltd Date: Tue, 21 Feb 2012 Reply-To: "FedEx inc" <ThadLorett@fedex.com> From: "FedEx inc" <ThadLorett@fedex.com> Subject: FedEx notification FedEx notification.zip Hello Unfortunately we have to notify you that your shipment with tracking number #3587775 has failed to be delivered due to missing address details. In order to provide the correct location or collect your parcel please fill out the attached document. Your FedEx express mail service. U.S. Customer Service 1.800.Go.FedEx 1.800.463.3339 Printabl e Phone Menu FedEx Customer Relations 3875 Airways, Module H3 Department 4634 Memphis, TN 38116
I just got this email too... and am awaiting a package... just found this thread here and saw other peoples views on it, As i was expecting, i did open it, but I've never had to check for stuff like this on my mac before... nothings happened as yet, nothing opened when i opened the attachment, so i'm hoping that it might not have done anything.... but to be on the safe side, has anyone have a good recommendation of some free application to scan my mac with n' check? thanks in advance!
WARNING!! ANOTHER ATTEMPT TO INFECT WITH MALWARE THE ATTACHMENT TO THIS EMAIL HAS A VIRUS PLEASE DO NOT DOWNLOAD AND UNZIP AND RUN THE PROGRAM X-SID-PRA: FedEx Customer Service <provided@fedex.com> Probably a forged email address, Received: from h1825091.stratoserver.net ([85.214.59.237]) by COL0-MC4-F17.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Tue, 21 Feb 2012 14:23:55 -0800 Origin IP Address = 85.214.59.237 = STRATO AG, Pascalstr. 10, D-10587 Berlin, Germany To: Subject: Track your parcel NO#2129 From: "FedEx Customer Service" <provided@fedex.com> Reply-To: "FedEx Customer Service" <provided@fedex.com> Date: Tue, 21 Feb 2012 23:23:54 +0100 Return-Path: <provided@fedex.com> With a warning from the Live Mail server: Attachment contains a virus An attachment to this message contains a virus and has been removed Invoice_ID167235.zip Notice, Your package has been returned to the FedEx office. The reason of the return is - Incorrect delivery address of the package. Please print out the invoice copy attached and collect the package at our office. FedEx Services.
And another one. VIRUS INFECTION - Fedex_Invoice_Copy_N45-67.zip ! Please do not open this file. X-SID-PRA: Your FedEx <airfreight.service@fedex.com> Received: from daweb06.oxilion.nl ([93.186.177.132]) by SNT0-MC1-F3.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Sun, 11 Mar 2012 01:25:09 -0800 Origin IP Address = 93.186.177.132 = Oxilion B.V., Postbus 757, 7500 AN Enschede, The Netherlands To: Subject: Track your shipment NO1443 From: "Your FedEx" <airfreight.service@fedex.com> Reply-To: "Your FedEx" <airfreight.service@fedex.com> Date: Sun, 11 Mar 2012 10:25:08 +0100 Return-Path: piet@daweb06.oxilion.nl Notice, Your package has been returned to the FedEx office. The reason of the return is - Error in the delivery address. Please print out the invoice copy attached and collect the package at our office. FedEx Global Services.
FedEx ® Received from: 1.9.1.9 - MALAYSIA, Pulau Pinang, Bukit Mertajam - Tmnet, Telekom Malaysia Bhd. Return-Path: [infoq@fedex.com] Date: Fri, 30 Mar 2012 Reply-To: "FedEx service" [infoq@fedex.com] From: "FedEx service" [infoq@fedex.com] Subject: Parcel notification 757820 FedEx ® Dear customer. The parcel was sent your home address. And it will arrive within 7 business day. More information and the tracking number are attached in document below. Thank you. bicueeahemegomeilynykuvuuiuduxowaeeuhyaumdxfezi bichekimecu Copyright © FedEx 1995-2012 aomtyucagejipbuypopiabuzykawyrwfaiabeutoxeawoysmwygji attachment - FedEx Report Zip - DO NOT OPEN - TROJAN VIRUS
Fraud?? subject: FEDEX Invoice Order 6015 This is a fraudulent email right???? It was recieved in my spam folder which usually I would delete, but I have been making a lot of online purchases and so I wasn't so sure. Any thoughts? Email I received: ------------------------------------------------------------- FEDEX Invoice Order 6015 4/08/12 [noparse]Reply ▼ FedEx Express Add to contacts To [xxxxxxxxxx@live.com] From: FedEx Express (global@fedex.com) Sent: Sun 4/08/12 10:27 PM To: [xxxxxxxxxxxx@live.com] Always show content from [global@fedex.com] Hotmail Active View 1 attachment (385.8 KB) Invoice_F...zip Download(385.8 KB) Download as zip Dear Customer, Your package has been returned to the FedEx office. The reason of the return is - Incorrect delivery address of the package. Please print out the invoice copy attached and collect the package at our office. FedEx Customer. ........thats end of email..... And then the following is from the message details: x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J Authentication-Results: hotmail.com; sender-id=none (sender IP is 81.169.146.215) header.from=global@fedex.com; dkim=none header.d=fedex.com; x-hmca=none X-SID-PRA: [global@fedex.com] X-SID-Result: None X-DKIM-Result: None X-Message-Status: n:0:n X-AUTH-Result: NONE X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02 X-Message-Info: 11chDOWqoTnjDv0n+r5oSgy3S7bjJxJadMtPYN13+z0zEC2xvfczvM9LUMZ1Y+KF3EqcMAjtrgDKnHwgAYG3j3o4kmJxANaRpbu0m+jyf9NY0UlqgURNt4i0FySCdYGwNnn0UCK7Mw0= Received: from cg-p07-fb.rzone.de ([81.169.146.215]) by COL0-MC4-F17.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900); Sun, 8 Apr 2012 22:27:42 -0700 Received: from cg-p07-ob.rzone.de (snori-cg-p07-ob.mail [192.168.63.61]) by snori-fb-023.store (RZmta 28.7 OK) with ESMTP id i03defo380PZ0K for <sydniee@live.com>; Mon, 9 Apr 2012 06:57:25 +0200 (MEST) X-RZG-CLASS-ID: cg07 Received: from quirke.store ([192.168.41.142]) by snori-cg-011.store (RZmta 28.7 OK) with ESMTP id U04006o38IMvDx for <xxxxxxxxx@live.com>; Sun, 8 Apr 2012 22:57:05 +0200 (MEST) Received: (from Unknown UID 1334317@localhost) by post.webmailer.de (8.13.7/8.13.7) id q38Kv46s026692; Sun, 8 Apr 2012 20:57:04 GMT Date: Sun, 8 Apr 2012 20:57:04 GMT Message-Id: <201204082057.q38Kv46s026692@post.webmailer.de> To: [xxxxxxxxxxx@live.com] Subject: FEDEX Invoice Order 6015 From: "FedEx Express" <global@fedex.com> X-Mailer: grasslandtromboneV8.75 Reply-To: "FedEx Express" <global@fedex.com> Mime-Version: 1.0 Content-Type: multipart/mixed;boundary="----------13339186244F81FBA08A4A2" X-RZG-SCRIPT: :fz1KJBj8Na2AXrl2N8BoNJOIwQZVa0Of59qbmn1xYfzbKGW0PuFg3lqvT182A7k8SQDFet4LvIrCbysh1WPTDGPkb8VHM3m+HJYLEHh6WgIGEUfz+Mb5w2U0lm3NNvt8ebip8cpyh0cZ6iOu5rTFQZixIOMzoL7dXw== Return-Path: postmaster+1334317@post.webmailer.de X-OriginalArrivalTime: 09 Apr 2012 05:27:43.0052 (UTC) FILETIME=[7CF860C0:01CD1611] ------------13339186244F81FBA08A4A2 Content-Type: text/html; Content-Transfer-Encoding: 8bit Dear Customer, <BR> <BR> Your package has been returned to the FedEx office. <BR> The reason of the return is - Incorrect delivery address of the package. <BR> Please print out the invoice copy attached and collect the package at our office. <BR> <BR> FedEx Customer. <BR> ------------13339186244F81FBA08A4A2 Content-Type: application/octet-stream;name="Invoice_FedEx_N435-754.zip" Content-Transfer-Encoding: base64 Content-Disposition: attachment;filename="Invoice_FedEx_N435-754.zip[/noparse]
