Almost 10 years after its launch, about 200,000 people still use a Xiaomi Mi 2

FedEx SMS scam now comes with our name

Half a month ago we told about the FedEx SMS scam, which arrived in a short message to our mobile phone with this form: "FedEx: Your shipment is about to arrive, track it here." In Genbeta we notice it very active in our close circle, as was the post office at Christmas or DHL a little later.

Today we have received the same scam in a slightly more sophisticated way: "Dear Juan Perez, we have your package in the queue. Address: Hojiblanca: ", followed by a suspicious link where malware is detected. As we can see, now the package delivery company is not mentioned, but our name does arrive in the message, which may cause more victims of this fraud.

Our name from the SMS is obtained from the address book of one of our contacts

Fedex SMS scam

When you open the link, the appearance of the web is the same as always, that is, the one from FedEx asking us to download their application with malware to track our package. In addition, it details the entire installation process for applications from unknown sources.


According to Virustotal, this FedEx apk is like the previous one in terms of risks and permissions.

If we have an iPhone, it detects by the browser that it is not Android and the APK file could not be installed, and it calls us to the typical scam web raffle that what it asks for is our phone to receive the prize, or that we pay a certain amount to receive it.

Google launches a test on phishing to find out if you are able to detect when they are deceiving you

As we said above, now our name arrives in the SMS. How is it possible? Obviously we cannot know for sure, but it is probably not that they have crossed our phone number with a database in which our name was. In my case, my name is the same as my father, so people call me "Antonio Junior", and I know that some people have me on their agenda as "Antonio JR", which is how it has arrived.

From there I extract that a family member or friend of my parents has fallen for the scam, the malicious apk has managed to read its address book and has obtained that for my phone, the name is "Antonio JR". This, in my case, makes it very suspicious, because no company knows that my father is called the same as me, but if the message reaches us under the name "Juan Pérez", it is much more credible.