UPS delivery malware rears its ugly head again

by Graham Cluley on March 3, 2009 | Comments Off

Filed Under: Malware, Spam

It's not a new technique for fooling people into opening a malicious attachment, but clearly the hackers still think it has some legs.

We've seen a lot of emails in our spamtraps today pretending to be a failed delivery report from UPS. The emails claim that UPS did not manage to deliver a package that you sent on February 23rd, because an incorrect destination address was specified.

All you have to do, says the dangerous email with the subject line "Delivery problems", is open the attached invoice and contact your local UPS office.

Fake UPS Delivery email carrying malware

Of course these emails aren't from UPS at all, and opening the attached file (Invoice_8612112.zip) is not a good idea at all, as it contains the Troj/Inject-FA Trojan horse.

Tags:

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.