Recognize & report fraud
Recognize & report fraud
If you come across suspicious websites that pretend to be FedEx, or if you have received fraudulent emails or text messages, forward them to FedEx immediately.
If you come across suspicious websites that pretend to be FedEx, or if you have received fraudulent emails or text messages, forward them to FedEx immediately.
If you come across suspicious websites that pretend to be FedEx, or if you have received fraudulent emails or text messages, forward them to FedEx immediately.
How to recognize fraud
FedEx does not request, via unsolicited mail, text or email, payment or personal information in return for goods in transit or in FedEx custody. If you receive any of these or similar communications, do not reply or cooperate with the sender. If your interaction with the website resulted in financial loss, you should contact your bank immediately. Consider contacting the Attorney General’s office and Police.
Common warning signs of mail, text or online scams
- Unexpected requests for money in return for delivery of a package, often with a sense of urgency.
- Requests for personal and/or financial information.
- Links to misspelled or slightly altered website addresses (fedx.com, fed-ex.com, etc.)
- Spelling and grammatical errors or excessive use of capitalization and exclamation points.
- Claims that you have won a large sum of money in a lottery or settlement.
- Certificate errors or lack of Secure Sockets Layer (SSL) for sensitive activities.
Daily safety tips
As a daily precaution, be on alert to keep your information safe from bad actors. At FedEx, we want to protect you and your loved ones from an attack. Below are tips to help keep you safe.
- Be wary of receiving text messaging from a personal 10-digit number or emails from generic company emails alerting you there’s a problem with your shipment.
- Be careful how you pay. Never wire money to sellers or send money orders or cash. Use secure payment methods that can assist with identifying and disputing fraudulent activity.
- Be aware of grammatical errors that are often common in communications. This is a tell-tale sign of a scam.
- Be mindful of suspicious links and attachments though text messaging and email. Phishing scams are on the rise to entice you to click the link so that account information can be obtained.
- Maintain good cyber hygiene and keep account information fresh and up to date. See our Do’s and Don’ts for more information.
- Report any suspicious activity to abuse@fedex.com.
Types of fraud
Credit card fraud is a form of identity theft. It is committed when someone uses your card over the internet without your permission. Even though the law protects you against such activities, here are some common warning signs of credit card fraud that can help you protect yourself:
- Wrong charges on your bank statements.
- Mistakes on your credit report.
- A temporary hold placed by your bank on your card or account.
Fraudulent emails are the most common avenue of online scams. Such emails attempt to trick you by pretending to come from a reputable source. They try to get you to share sensitive personal account information or send payment.
We have received reports of multiple fraudulent email campaigns disguised as FedEx delivery notices. These malicious spam emails can contain hyperlinks which, when clicked, will connect users to a compromised website that is hosting malware and can infect their computers or mobile devices. In addition, some of these emails may include an attachment, which, if opened, could infect the recipient's computer or mobile device.
These fraudulent emails have appeared with a variety of subject lines, to include the following:
- "Last reminder: First Name Last Name, please respond immediately."
- "FedEx: Not possible to make delivery"
- "FedEx Express Ticket #12345"
- "First Name FedEx International #12345"
- If you receive a message matching the description above or any email that looks suspicious, do not open the email or click on any hyperlink. Do not open any attachment. Delete the email immediately or forward it to abuse@fedex.com.
FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information. Unsolicited emails from an unauthorized third party cannot be prevented by FedEx.
If you are expecting an email from FedEx, confirm the email was sent from an official FedEx email address (Name@fedex.com) and never access any hyperlink that does not point to www.fedex.com.
Visit the Recognize and Report Fraud page for more information about fraudulent emails.
Similar to email attacks, links are delivered via instant messaging versus email. They work much like email attacks, where malware is launched when you click on a hyperlink that then links through to a malicious website. The malware can be spread through your IM chat sessions.
Phishing is an email fraud method where the perpetrator sends you a legitimate-looking email in an attempt to gather your personal and financial information. Typically, the messages appear to come from well-known and trustworthy web sites.
Phishing & spoof sites examples
Phishing emails directing users to spoof websites pretend to represent a reputable source, such as FedEx, when in reality they are operated by criminals attempting to commit theft. Spoof websites attempt to collect user names, passwords, Social Security numbers, credit card details and more. Many spoofed sites even allow users to log in, giving them a false sense of security.
Subject: Regarding Your Online Access
From: FedEx.com Online Services
To:
Subject: Regarding Your Online Access
Dear Customer,
Due to Ongoing periodic update on all FedEx account, we advise that you update your account to avoid Suspension .
Please click the link below to update your Account access
Log in to fedex.com (links to spoof site)
Please note that this link will expire in 48 hours from the time of your e-mail address reset request. After that time, you will need to re-start the process by logging into fedex.com.
Thank you for choosing FedEx.
This message has been sent by an auto responder system. Please do not reply to this message. The content of this message is protected by copyright and trademark laws under U.S. and international law. Review our privacy policy. All rights reserved.
Subject: Pay your Fedex invoice online.
From: BillingOnline@fedex.com
To:
Subject: Pay your Fedex invoice online
Hello
You have a new not paid invoice(s) from FedEx that is ready for payment.
The following invoice(s) are to be paid now:
Invoice Number
8957-31879
To pay or review these invoices, please sign in to your FedEx BIlling Online account by clicking on this link: http://www.fedex.com/us/account/fbo
Note: Please do not use this email to submit payment. This email may not be used as a remittance notice. To pay your invoices, please visit FedEx Billing Online, http://www/fedex.com/us/account/fbo
Thank you,
Revenue Services
FedEx
Subject: ID (k)dbm47-511-511-7465-7465
From: "Shipping Service" <user.vhj@detroit.com>
To:
Subject: ID (k)dbm47-511-511-7465-7465
Reply-To: "Shipping Service" <user.vhj@detroit.com>
Order: FD-24762590342635
Dear Customer,
Your parcel has arrived at the post office an November 19. Our postrider was unable to deliver the parcel to your.
To receive a parcel, please, go to the nearest our office and show this postal receipt.
Thank you.
Some phishing scams involve search engines where you are directed to product sites that may offer low-cost products or services. If you enter your credit card information to purchase a product, your information is collected by the phishing site. There are many fake bank websites offering credit cards or loans at a low rate, but they are actually phishing sites.
Smishing is similar to email and IM attacks. Links are delivered to your mobile device via text messaging. In this case, malware is launched when you click on a hyperlink that then links you to a malicious website.
This term describes a non-technical kind of intrusion that relies heavily on human interaction, and often may involve tricking you into breaking normal security procedures or divulging confidential information. The perpetrator may try to appeal to your vanity, authority level and/or greed.
Your company or organization may be targeted in a spearfishing email attack. The spoofing email may request unauthorized access to confidential data.
The telephone version of phishing is vishing. In phone phishing, you may receive a message asking you to call a number. The purpose is to get your personal information, which could be used to access your account or open new credit cards in your name.