Websense ThreatSeeker® Network has been monitoring an increase in malicious spam activity over the last 28 days, and a recent spike which seems to be spreading quickly and in large amounts begs the suspicion that a spam bot or a bot network is awake. 

Some of the message subjects that we've seen include, but are not limited to:

1. DELIVERY CONFIRMATION FROM FedEx [Reference Number]:
2. FedEx DELIVERY CONFIRMATION [Reference Number]
3. Your FEDEX id. [Reference Number]
4. Wrong transaction from your credit card in The [Hotel Name]
5. Changelog: [Reference Number]
6. Re:Fw: Intercompany inv. from [Organization Name] Corp
7. From USPS [Reference Number]
8. DHL id. [Reference Number]
9. DHL ATTENTION [Reference Number]
10. Your credit card is blocked

Many of the varied subjects seem to be based around major courier service names such as DHL, UPS, and similar, and bear a resemblance to a receipt confirmation or delivery note.  Others are recycled subject lines such as the 'credit card blocked' types mentioned in a previous blog.

Sample messages with attachment:

Websense customers are protected from these threats by ACE, our Advanced Classification Engine.