RSS

United Parcel Service malware attack spreads fake anti-virus

10 Jun

Email inboxes around the world are being spammed today with a malicious attack designed to infect Windows computers with a fake anti-virus attack.

The emails claim to be notification from United Parcel Service (UPS) that a package is winging its way to your address. The cybercriminals behind the scheme hope that recipients will be intrigued enough to open the attached file, which can infect their computer with malware.

A typical message looks as follows:

Subject: United Parcel Service notification #[number]

Message body:

United Parcel Service
tracking number #[number]

Good morning
Parcel notification

The parcel was sent your home adress.
And it will arrive within 3 buisness days.

More information and the parcel tracking number are attached in document below.

Thank you

United Parcel Service of America (c)
153 James Street, Suite100, Long Beach CA, 90000

Attached file: UPS_Document.zip

Would the spelling mistakes and grammatical errors be enough to ring an alarm bell in your head? Or would the promise of an unexpected parcel being delivered be enough to trick you into opening the attachment?

Sadly you can’t always rely on the bad guys being sloppy with their typing, and some attacks are more professional than others. The fact is that simple social engineering tricks like this can be enough to trick people who really should know better into making the mistake of opening an unsolicited attachment.

And remember this – when someone sends you a parcel, they give the delivery company your snail-mail address. They’re very unlikely to have also given them your email address! So be suspicious of any emails from delivery companies which arrive unexpectedly.

Sophos products detect the malware threat attached to the emails as Mal/FakeAV-LI – a fake anti-virus scam designed to scare you into believing your computer has security problems in order to persuade you to part with your hard-earned cash.

Users of other anti-virus products might be wise to check that their security software detects this threat, as it has been pretty widely spammed out.

Advertisements
 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: