PDA

View Full Version : New scam going around! Several times.......



Jamie Donaldson
02-21-2013, 4:31 PM
...this week I've received emails that I have a package to be picked up at the FedEx terminal, but I must first download the attached receipt to claim the shipment. I don't download anything phishy, there is a grammar error, the FedEx logo is in blue and gray rather than blue and red, and I'm not expecting any shipment of anything. I've notified my local FedEx agent, and they said this was news to them. If the Nigerians ever learn to use spellcheckers we will really be in trouble!:cool:

Jason Roehl
02-21-2013, 5:29 PM
FedEx's logo is blue and gray. And blue and orange. And blue and green. And blue and light blue. Their different divisions have different colors on the "Ex" part. So that part could actually be legit. The rest reeks of scam, though.

http://en.wikipedia.org/wiki/Fedex

Ted Calver
02-21-2013, 7:33 PM
Wife got the same one today. She thought it was real because it contained a tracking number. To show her it was a fake I copied just the tracking number from the message and entered it on the real Fedex tracking site....said it was an invalid number.

Bill Cunningham
02-21-2013, 8:00 PM
the attachment is always a .zip file, sometimes it says .pdf.zip to try and fool you.. I get at least 5 of these a week.. No courier is going to send you a document in a .zip file

Rick Christopherson
02-21-2013, 9:02 PM
I just got a similar email today, except it said that some wire transfer was complete. At first it didn't make any sense because it wasn't telling me to do anything. Then I noticed the zip file that supposedly contained the "receipt" for the wire transfer.

Oh, what the heck, I'll dig it out of the trash and take a look at the zip file with a safe file viewer........


WIRE transaction is completed. $213 has been successfully transferred.
If the transaction was made by mistake please contact our customer service.
Receipt of payment is attached.
Yup, inside the zip file is an executable program. (I have a file viewer that can let me look inside zip files without actually opening them for decompression.)

What is strange is that I searched for the text of the email and didn't find anything, so this must be pretty new. It also doesn't leave the recipient with a feeling of impending doom that would compel them to even look. My initial reading of this was that money was transferred INTO my account, not OUT of my account. So even if I was gullible, I still wouldn't have bothered to look at the receipt. If someone gave me free money, why would I care what the receipt said. :D

Rick Christopherson
02-21-2013, 9:09 PM
the attachment is always a .zip file, sometimes it says .pdf.zip to try and fool you.. This is why I hate the fact that operating systems (Windows) default to hiding "file name extensions for known file types" unless you tell them otherwise. The malware is relying on the fact that most people wouldn't see the true extension and assume it is just a pdf. There is no benefit to hiding the extension, but Microsoft (and I assume Apple too) do this to dumb down the system. It just opens people up to problems like this.

Darius Ferlas
02-21-2013, 9:21 PM
The file extension in the email is the function of the email program (or webmail), not of the OS. Hence, email attachments are shown with their extension, and that is also true for Microsoft mail products.

David Weaver
02-21-2013, 9:59 PM
This is why I hate the fact that operating systems (Windows) default to hiding "file name extensions for known file types" unless you tell them otherwise. The malware is relying on the fact that most people wouldn't see the true extension and assume it is just a pdf. There is no benefit to hiding the extension, but Microsoft (and I assume Apple too) do this to dumb down the system. It just opens people up to problems like this.

Windows does that if you save the file and look at it, but surely when you look at the file in outlook and it's a .zip (which it always tells you there), you have a lot of incentive to not try it.

Stephen Cherry
02-21-2013, 10:14 PM
Always use your computer with "user" privileges never use as administrator unless you are administrating.

So you need to have at least one administrator and at least two users, with the aministrators password protected. Browse as a user. If one "user" gets virused up, turn off the computer immediately, log back on as the other user, and start running your virus full scan over and over again. Or use something like offline defender.

Don Morris
02-22-2013, 3:36 AM
Thanks for the heads up. I wasn't aware of that one. Just might have caught me in a weak moment.

Dan Hintz
02-22-2013, 8:43 AM
I have a file viewer that can let me look inside zip files without actually opening them for decompression.

It may not save the decompressed file to disk, but it has to decompress the ZIP file to some degree to tell you what's in there. The better ones will only decrypt the content list, but a carefully crafted ZIP will step around that... I'm just thankful those scammers shoot for the lowest common denominator. As long as I'm a small notch above the lowest, I'm safe ;)

Chuck Wintle
02-22-2013, 9:17 AM
my rule of thumb is to delete all suspicious emails right away although they are getting better and better at these scams. As for the ones promising money or a asking for account info the first clue is the wording of it.

Fred Perreault
02-22-2013, 9:43 AM
Doesn't anybody use DOS anymore....:)

Myk Rian
02-22-2013, 12:07 PM
Doesn't anybody use DOS anymore....:)
On my 286 machine. :D

Darius Ferlas
02-22-2013, 12:34 PM
Doesn't anybody use DOS anymore....:)
We all do, whether you use Windows, Unix/Linux, Mac or any other operating system. It's just that some call it file system.