Sunday, March 27, 2011

United Parcel Service Fake Message Attack Still Alive.



By Cesar Ortiz
We are not beating a dead horse; the UPS notification malware attack that was initiated around February 4, 2011 is making a comeback. In this scam, users receive a very professional-looking graphic message with an official UPS logo and brown colors. There is no text in the message, just that graphic saying:


“The parcel was sent to your home address. It will arrive within 3 business days. More Information and the tracking number are attached in the document below. Thank you. United Parcel Service. Copyright UPS, All rights reserved”


Do not click on the attachment; just delete the whole e-mail and your machine will be okay. If unsuspecting users click (open) the attachment, there will be a text saying:

Subject: United Parcel Service notification #<random number>

Attached file: USPS_Document.zip

Message body: “Dear customer. The parcel was sent to your home address. And it will arrive within 3 business days. More information and the tracking number are attached in the document below. Thank you. United Parcel Service. Copyright (c) 1994-2011 United Parcel Service of America, Inc. All rights reserved.”
Attached to the email is a file called USPS_Document.zip, which contains the malware. The damaging files are known as Mal/BredoZp-B and the Troj/Agent-QGH Trojan horse. These two pieces of malware contain files that propagate in your computer and create problems in your machine, including making the PC inoperative. Up-to-date anti-virus and malware detection and cleaning software should be able to cope with the problem in some cases; if not, users are better off taking the PC to a qualified shop. This malware can be a nasty experience.
It is unknown why this attack is making a comeback. Normally, scammers will switch to a similar or new content attack when a scam has been around long enough to give anti-virus and malware detection vendors time to develop cleaning files, as in this specific instance. This malware is only capable of infecting computers running Windows.
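A mail-filter check built from the indicators quoted above (the subject format and a zip attachment), as an added example that is not part of the original post. It assumes the zip carries a Windows executable, which the post does not state; the extension list, function names and the sample message are constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject format quoted in the post: "United Parcel Service notification #<random number>".
# The "#" is optional because a reader reported a variant without it.
SUBJECT_RE = re.compile(r"United Parcel Service notification\s+#?\d+", re.I)
# Assumption: extensions treated as directly executable on Windows.
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")

def score_message(raw: bytes) -> list[str]:
    """Return the reasons a raw message matches the lure described in the post."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if SUBJECT_RE.search(str(msg.get("Subject", ""))):
        reasons.append("subject matches UPS notification lure")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        reasons.append(f"zip attachment: {name}")
        try:
            # Read only the archive's file listing; nothing is extracted or run.
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            reasons.append("zip attachment could not be parsed")
            continue
        for member in members:
            if member.lower().endswith(EXEC_EXT):
                reasons.append(f"executable inside zip: {member}")
    return reasons

def build_sample() -> bytes:
    """Constructed sample: harmless bytes stored under an executable-looking name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("constructed_sample.exe", b"placeholder, not malware")
    msg = EmailMessage()
    msg["Subject"] = "United Parcel Service notification #12345"
    msg.set_content("Dear customer. The parcel was sent to your home address.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="USPS_Document.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print("\n".join(score_message(build_sample())))
```

A message that collects all three reasons is a candidate for quarantine before it reaches the user; the subject match alone is weak evidence, since the sender can change the wording at any time.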

 

3 comments:

Anonymous said...

This arrived as a bogus UPS parcel notification titled "United Parcel Service notification 065" with an attachment "document.zip". Beware, the Yahoo virus scanner is poor and does not detect that this contains a trojan (as at 5 June 2011).



I had hitherto placed my faith in English spelling checkers but I have now been set on the one true path to fastidious spelling and grammar after perusing this magnificent communication.



"The parcel was sent your home adress[sic]."



"And it will arrive within 5 buisness[sic] days."





Random underlining of characters in the "notification" adds to the impression that this is the work of a person of the most superior literary ability with a facility for unrivalled artistic expression. I am truly overwhelmed by the manifest breadth of "talent" within this e-mail and I shall be eternally grateful that I was so privileged to be among the very few lucky people to be chosen to receive a communication of such eloquence! I've just burned my Faulkner and Dickens; I'll be relying on spammers for my literary edification henceforth.

Cesar Ortiz said...

Posted by JamesHorncastle to Cesar Ortiz Information Security Blog at October 9, 2011 11:02 PM
Hi,

United Parcel Service is the world's largest package delivery company, delivering over 14 million packages a day to over 200 countries around the world. It is also a leading provider of specialized transportation, logistics, consulting, e-commerce, technology, and even financial services. Thanks a lot...

Parcelforce UK

borgnineolive said...

Combined Package Service is a Combined states delivery company that assists around 200 nations throughout the world.

Couriers London