When I have to choose between informing email users about what kind of email scams are resulting in infected computers, and informing email scammers about what they’re doing wrong, I choose to turn on the lights, and hope the bugs run.
From today’s email, I see an email that claims to be from Fedex. The logos and reply address are correct, but in the header I see that the sending computer is Belinda…@unimelb.edu.au, which I’ve shortened, because Belinda has an infected computer and doesn’t know what it’s been told to do. So apparently, Fedex in the USA sends emails from the University of Melbourne. Not.
And here’s the email text, with errors left as they are:
Message Subject: “We can not diliver your package”
“We apologize, but it seem so, that we not can deliver your package. One of our trucks is burned tonight. In attachment you can find a form for insurance. Please fill it out and send it us urgent, because we must told amount of damage to the Insurance company.”
And the attachment is 65.3 Kb, and while that size might be possible for a form, the filename is “Insurance_form_#43824.zip”. A document should be a PDF or possibly a DOC file, never a ZIP, which is a compressed multi-file archive. Inside the zip there is a file named “Insurance_FEDEX_-N774662.exe”. That’s a program, not a document, and I won’t run it; that’s a dangerous package to open.
In short: Be suspicious of emails that want you to open an attached file. They lead to repair bills.