Severity scale:

(80/100)

Remove FedEx tracking email virus (Virus Removal Guide) - updated Feb 2019

removal by Julie Splinters - - 2019-02-12 | Type: Trojans

13234 views

Special Offer

Reimage Intego is a recommended tool to see if there are corrupted or damaged files. The program will not necessarily detect the virus you are looking for. You can clean issues detected by free scan for free, by using free manual repair. More advanced scan and automatic removal is provided after the payment.
Download Reimage Download Intego

More information about Reimage and Uninstall Instructions. Please review Reimage EULA and Privacy Policy. Reimage scanner and manual repair option is free. An advanced version must be purchased.

More information about Intego and Uninstall Instructions. Please review Intego EULA and Privacy Policy. Intego scanner and manual repair option is free. An advanced version must be purchased.

FedEx tracking virus is a malspam campaign that infects users' computers with the dangerous data-stealer Hancitor trojan

FedEx tracking email virus

FedEx tracking email virus is a phishing email strain that is delivered to random computer users all over the world. The deceptive message pretends to be coming from FedEx delivery service and warns users about the alleged package. The attached document, which often comes as MS Word .doc file, is an obfuscated payload of data-stealing malware called Hancitor.^[1] The virus is capable of recording keystrokes, harvesting personal information and installing additional payloads. FedEx (just as UPS and DHL^[2]) is one of the biggest delivery services in the world and is often targeted by numerous scammers and hackers; some hoaxes being exceptionally believable, while others are poorly executed. However, users should be aware of FedEx tracking virus and not fall into a cleverly executed trap arranged by cybercriminals.

SUMMARY
Name	FedEx tracking email virus
Type	Phishing
Poses as	FedEx delivery service
Proliferates	Hancitor trojan
How to recognize?	Phishing email urges users to open the attachment or click on link in an aggressive manner, grammar and spelling mistakes, etc.
Trojan elimination	Use reliable anti-malware software
Optimization	Install Reimage Reimage Cleaner Intego to repair the system

Users typically receive FedEx tracking email scam message which claims that the important information about the alleged package delivery is enclosed in the attached document. Because the email is sent to random users, it will reach those who are not expecting anything from FedEx, instantaneously raising suspicions.

However, because FedEx is such a widely used service around the world, among targeted victims there will always be those who are expecting a parcel, prompting people to believe in FedEx tracking virus scam.

Typically, users are asked to open an attachment which is a malicious document, .pdf, .html, .txt or other files. Cybercriminals are often employing social engineering tricks to make sure users open the attachment – they create a sense of urgency by using scare tactics. For example, “print this document, or your parcel will be returned to the sender.”

There are multiple variants of FedEx tracking virus flowing around the internet

Here are several examples of malicious email messages:

This tracking update has been requested and attached to this email.
Reference information includes: Invoice number, Reference, Special handling/Services, Residential Delivery. Reference information is attached to this email.
Tracking number: 625976022895

To track the latest status of your shipment, click on the tracking number above, or visit us at fedex.com

To find the latest state of your shipment, click the tracking # above.
The tracking update have been sent to you by FedEx.
Thank you for your business.
2018 FedEx. the written contact of this notification is safeguarded by copyright and trademark laws and regulations under United States andInternational laws. See our privacy policy. All right reserved.

Note that the sender's address is usually made to look legitimate. However, the trick is simple: hackers register domain addresses that look akin well-known companies like parcel delivery service FedEx or governmental institutions like Tax Office.^[3] While in most cases deception can be spotted after looking closely at the delivery address, some crooks go an extra mile to make users see the real address of the impersonated company or institution.

As soon as users open the document attached to FedEx tracking email virus, the malicious macros ensure Hancitor is downloaded and installed into the machine. Unfortunately, victims might not even notice anything out of the ordinary, as no system changes are visible on the screen. After the infiltration, the only way to remove FedEx tracking virus is to use anti-virus software, such as Reimage Reimage Cleaner Intego or SpyHunter 5Combo Cleaner.

FedEx tracking virus performs a series of changes on the system which allows hackers to:

Start or stop processes
Schedule tasks
Install additional applications
Take screenshots
Collect personal data and send it to a remote server, etc.

Additionally, FedEx tracking email virus serves as a botnet, resulting in the malware spreading fast and infecting more machines over time. Trojans are also often used as backdoors^[4] for ransomware, so file loss is also likely.

To conclude, if you clicked on a malicious attachment, you are infected with a dangerous trojan, and you should take care of FedEx tracking virus removal immediately.

FedEx tracking email virus is a dangerous virus that is capable of stealing personal data and downloading more dangerous malware

Never underestimate cybercriminals – they are capable of constructing a high quality phishing email

There is no surprise that spam emails are one of the most successful malware distribution methods out there. Sure, hackers also use such means as exploit kits, hacked websites, misconfigured RDP, and similar, but phishing emails were always their favorite, as automated botnets do the job quickly and efficiently. This ensures the stable infection rate all over the world.

Therefore, users should treat every email with suspicion, even if it looks legitimate. Watch out for these phishing email signs:

The “From” address usually resembles the original company's one, although sometimes it can be completely random. Closely pay attention to this crucial element, you can almost always see the deception there;
The subject field typically presents allegedly important information, such as “Delivery attempt,” “Shipping information,” “FedEx shipping,” “Your Invoice,” and similar;
Phishers refer to victims as “Dear User,” “Dear Customer,” and similar. Large corporations know your name if you are using their service, and they will use it;
The content of the email usually reports about some sort of problem, for example, wrong delivery address, insufficient information, account registration issue, etc. Immediately after that users are prompted to do something or face a consequence;
After crooks present the problem, they ask users to click on hyperlinks embedded in the email or download the attachment. Put your cursor on top of the hyperlink and you will see the real URL it will bring you to. Before opening any attachments, scan them using security software or tools like Virus Total;
And finally, watch out for grammar and spelling mistakes.

Get rid of FedEx tracking email virus using security software

Trojans are not that easy to detect, as they barely emit any symptoms. Nevertheless, FedEx tracking virus removal can be achieved with the help of security software. Experts suggest using Reimage Reimage Cleaner Intego, SpyHunter 5Combo Cleaner or Malwarebytes, although any other reputable tool will do.

Trojans are nasty infections, and sometimes might be hard to get rid of. Therefore, to remove FedEx tracking email virus fully, users should enter Safe Mode with Networking, as explained below. This way, only the necessary elements will be loaded, and trojan's functionality will be temporarily disabled.

Offer

do it now!

Download
Reimage Happiness
Guarantee Download
Intego Happiness
Guarantee

Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions

What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.

Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.

press

Alternative Software

Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.

Download SpyHunter 5 Review »

Malwarebytes

Alternative Software

Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Download Combo Cleaner Review »

To remove FedEx tracking email virus, follow these steps:

Remove FedEx tracking email using Safe Mode with Networking

To remove FedEx tracking virus, enter Safe Mode with Networking as follows:

Step 1: Reboot your computer to Safe Mode with Networking

Windows 7 / Vista / XP
1. Click Start → Shutdown → Restart → OK.
2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
3. Select Safe Mode with Networking from the list
Windows 10 / Windows 8
1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window.
Step 2: Remove FedEx tracking email

Log in to your infected account and start the browser. Download Reimage Reimage Cleaner Intego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete FedEx tracking email removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove FedEx tracking email using System Restore

You can also disable the virus by using System Restore:

Step 1: Reboot your computer to Safe Mode with Command Prompt

Windows 7 / Vista / XP
1. Click Start → Shutdown → Restart → OK.
2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
3. Select Command Prompt from the list
Windows 10 / Windows 8
1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window.
Step 2: Restore your system files and settings
1. Once the Command Prompt window shows up, enter cd restore and click Enter.
2. Now type rstrui.exe and press Enter again..
3. When a new window shows up, click Next and select your restore point that is prior the infiltration of FedEx tracking email. After doing that, click Next.
4. Now click Yes to start system restore.
Once you restore your system to a previous date, download and scan your computer with Reimage Reimage Cleaner Intego and make sure that FedEx tracking email removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from FedEx tracking email and other ransomwares, use a reputable anti-spyware, such as Reimage Reimage Cleaner Intego, SpyHunter 5Combo Cleaner or Malwarebytes

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. It is a hassle when your website is protected from suspicious connections and unauthorized IP addresses.

The best solution for creating a tighter network could be a dedicated/fixed IP address. If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for server or network manager that need to monitor connections and activities. This is how you bypass some of the authentications factors and can remotely use your banking accounts without triggering suspicious with each login.

VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world. It is better to clock the access to your website from different IP addresses. So you can keep the project safe and secure when you have the dedicated IP address VPN and protected access to the content management system.

Backup files for the later use, in case of the malware attack

Computer users can suffer various losses due to cyber infections or their own faulty doings. Software issues created by malware or direct data loss due to encryption can lead to problems with your device or permanent damage. When you have proper up-to-date backups, you can easily recover after such an incident and get back to work.

It is crucial to create updates to your backups after any changes on the device, so you can get back to the point you were working on when malware changes anything or issues with the device causes data or performance corruption. Rely on such behavior and make file backup your daily or weekly habit.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware occurs out of nowhere. Use Data Recovery Pro for the system restoring purpose.

About the author

Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions

References

^ Migo Kedem. Hancitor banking trojan is back. SentinelOne. Autonomous Endpoint Protection.
^ Alice Woods. Scammers preparing for Christmas - beware of the fake DHL parcel emails. 2-spyware. Cybersecurity news and articles.
^ Fake tax office scam robbed $800,000 from Australians in past month. The Guardian. News, sport and opinion from the Guardian's global edition.
^ Vangie Beal. Backdoor access (computing). Webopedia. Online Tech Dictionary.

This entry was posted on 2019-02-12 at 10:44 and is filed under Trojans, Viruses.

Your opinion regarding FedEx tracking email virus Cancel reply

You must be logged in to post a comment.