Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 18
Like Tree2Likes
Yesterday I received an email, ostensibly from FedEx, telling me that I had an undelivered mail item (reason: incorrect delivery address) and inviting me to print out the attached invoice ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,217

    Another nasty scam!


    Yesterday I received an email, ostensibly from FedEx, telling me that I had an undelivered mail item (reason: incorrect delivery address) and inviting me to print out the attached invoice form and post it to them with my address. It came with a zipped attachment. I deleted it.

    Today I had another one! This time I was really curious, so I saved and unzipped it. It contained a number of empty files with .txt and .docx extensions which were supposed to go into the "system" directory (presumably C:\Windows\System) and a .exe file. Obviously this is a worm of some kind and, if it had been unpacked under Windows, it would probably have run automatically. What the empty files were for, I don't know.

    Has anyone else had one of these? Do you know of any Windows users who have received one and if so, what does it actually do? I must admit I've never seen the like before.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

  2. #2
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by hazel View Post
    Yesterday I received an email, ostensibly from FedEx, telling me that I had an undelivered mail item (reason: incorrect delivery address) and inviting me to print out the attached invoice form and post it to them with my address. It came with a zipped attachment. I deleted it.
    I too nearly received one of those the other day, but my email provider tagged it as containing malware.
    oz

  3. #3
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,217
    I just put "fedex malware" into DuckDuckGo and got plenty. Here's an example. Apparently it's a data-logger. Presumably your keystrokes go in the empty files which then get sent home.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

  4. #4
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676
    Unfortunately, The Internet Is Just Chock Full Of Crooks!!
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

  5. #5
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    Location
    Kentucky
    Posts
    5,023
    Yeah. The FedEx scam has been going around the Internet for quite a while now.
    Jay

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

  6. #6
    Trusted Penguin Dapper Dan's Avatar
    Join Date
    Oct 2004
    Location
    The Sovereign State of South Carolina
    Posts
    4,630
    hazel, try running it under wine.
    Linux Mint + IceWM Registered: #371367 New Members: click here

  7. #7
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,217
    Quote Originally Posted by Dapper Dan View Post
    hazel, try running it under wine.
    lol indeed! What makes you think I would want to run an imitation Windows system?

    Actually I wonder what would happen if someone did unpack that worm when he had wine running.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

  8. #8
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    ... but.... everyone knows windows is safe, right?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  9. #9
    Linux Newbie SL6-A1000's Avatar
    Join Date
    May 2011
    Location
    Australia
    Posts
    120
    LOL, Yeah it probably would be interesting to see what they do, but it is kinda funny that you decided to unpack it knowing full well it was malware.
    The really funny part would be the possible conversation that might exist between a virus built for a windows and one being unpacked on a system like Linux. I think it would go something along the lines off:
    Virus: "awesome a new Windows to suck the life out off"
    OS (Linux): "Oooh look a .exe, .txt file and a .docx file, i guess i can place those where you want. Oh whoops sorry i don't have this so called C:\Windows\system directory. I can't be ****ed give you permission to create it nore to run, so you can just sit there and enjoy the scenery, i have an awesome system layout :P"
    Virus: "DAMN IT!!!!, I Hate linux and its immunity"

    HEHEHE :P

    Speaking of crooks, i am always amused by the telephone scammers, especially the one that tell you that our Microsoft support team has detected that your computer has a virus. If you allow us to remotely login, we can fix it for you.

    I know some poor fool will fall for it, but its the ones that aren't running Windows or are running multiple computers with different OS's that it becomes amusing to know the reaction of the scammer (most of the time its an instant hang-up). I don't know it must be that spiteful little voice in my head that finds it amusing when a crook gets made a fool of .
    Last edited by SL6-A1000; 02-21-2012 at 02:16 PM.

  10. #10
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,217
    Quote Originally Posted by SL6-A1000 View Post
    LOL, Yeah it probably would be interesting to see what they do, but it is kinda funny that you decided to unpack it knowing full well it was malware.
    I did think carefully before I did it but I figured I was safe enough because anything in there wouldn't be able to run unless I launched it, and probably wouldn't even be executable unless I made it so, and then it could only run with my permissions and couldn't bork my system. Assuming it could run in Linux at all, which was very unlikely.

    Speaking of crooks, i am always amused by the telephone scammers, especially the one that tell you that our Microsoft support team has detected that your computer has a virus. If you allow us to remotely login, we can fix it for you.

    I know some poor fool will fall for it, but its the ones that aren't running Windows or are running multiple computers with different OS's that it becomes amusing to know the reaction of the scammer (most of the time its an instant hang-up). I don't know it must be that spiteful little voice in my head that finds it amusing when a crook gets made a fool of .
    Elija has a system for making them sweat. He comes over all innocent and lets them try to guide him through installing their malware, complaining constantly that he can't see any of the things he's supposed to click on. Then, after stringing it out for as long as possible, he says: "Oh! Do you think it could be because I'm using Linux, not Windows?"
    Dapper Dan and jayd512 like this.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •