Sophos Cloud Optix
Email inboxes around the world are being spammed today with a malicious attack designed to infect Windows computers with a fake anti-virus attack.
The emails claim to be notification from United Parcel Service (UPS) that a package is winging its way to your address. The cybercriminals behind the scheme hope that recipients will be intrigued enough to open the attached file, which can infect their computer with malware.
A typical message looks as follows:
Subject: United Parcel Service notification #[number]
Message body:
United Parcel Service
tracking number #[number]Good morning
Parcel notificationThe parcel was sent your home adress.
And it will arrive within 3 buisness days.More information and the parcel tracking number are attached in document below.
Thank you
United Parcel Service of America (c)
153 James Street, Suite100, Long Beach CA, 90000Attached file: UPS_Document.zip
Would the spelling mistakes and grammatical errors be enough to ring an alarm bell in your head? Or would the promise of an unexpected parcel being delivered be enough to trick you into opening the attachment?
Sadly you can’t always rely on the bad guys being sloppy with their typing, and some attacks are more professional than others. The fact is that simple social engineering tricks like this can be enough to trick people who really should know better into making the mistake of opening an unsolicited attachment.
And remember this – when someone sends you a parcel, they give the delivery company your snail-mail address. They’re very unlikely to have also given them your email address! So be suspicious of any emails from delivery companies which arrive unexpectedly.
Sophos products detect the malware threat attached to the emails as Mal/FakeAV-LI – a fake anti-virus scam designed to scare you into believing your computer has security problems in order to persuade you to part with your hard-earned cash.
Users of other anti-virus products might be wise to check that their security software detects this threat, as it has been pretty widely spammed out.
At UPS, we take fraud seriously. We investigate fraud or misrepresentation of our services, information tools and brand using the Internet. Fraud on the Internet is a continuing global issue, so we post fraud protection information directly on our home pages around the world to advise customers. Here is the link for fraud protection information at our U.K. site: http://www.ups.com/content/gb/en/resources/ship/f…
Thanks for educating your readers on this important topic.
Debbie Curtis-Magley
UPS Public Relations
Twitter: @UPS
Blog: http://blog.ups.com/
Have been receiving this as well as DHL and FedEx notices for the past two months at least. Seeing the bad spelling on the one I opened tipped me off (plus the fact that I had not ordered anything).
I have been getting these for months at my yahoo address. Same thing claiming to be from FedEx as well.
maybe try replying to the email first…if it bounces back there is a good chance its a fake
That's horrible advice, while you might get a Daemon reply from some incorrect email, you don't always get one. Gmail does a pretty good job by blocking spoofed email addresses. I do wish that Google made it easier to see the ACTUAL identity of the sender, intead it's buried deep.
I have seen these messages, but have not had attachments with them, however not expecting a parcel in any case should be significant enough to know that there would hardly be a birthday present coming from Auntie Clara in the near future
I recieved and opened the file… which then sent my Internet explorer into spasms (I think it was trying to open IE, but Kasperski was shutting it down each time)
How do I know I don’t still have the malware in my PC?
Thank you saved me!
I have received nearly daily fake messages for nearly two months -all detected as potential viruses. When do they give up or stop as a rule?