There’s an email purporting to be from UPS (United Parcels Service) stating that a package has arrived and will be delivered in 3 days. There’s an attachment in the email for the recipient to obtain the tracking number for the parcel. Do not download the (ZIP) file attachment as it contains a virus!
Example Email (The email looks to be from UPS, but it is not)
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 United Parcel Service of America, Inc.
The attachment file name is UPS-document.zip and it’s a virus with no information about any tracking number. The email also has 9 other recipient email addresses. Why would any carrier such as UPS send to multiple addresses? They would not!
If you receive an email from UPS with an attachment, delete it. UPS will always provide the tracking number within the body of the email and not in an attachment.
Related Articles
Debit Card Phishing Scam
Who’s Searching for You Scam
Payday Loan Spam and Scams
10 Ways to Prevent being Scammed
This is the new site puskovayaustanovka.ru spreading the trojan FedEx.exe as shown in analysis report from Anubis. http://anubis.iseclab.org/?action=result&task_id=13ce61f81633f52c4d5bd3d3a5debe2dd&format=html
Mustage,
Thanks for the share and providing details about this virus. Again thank you!
My Pleasure Frank .
This Backdoor Trojan has not been identified by some of the Anti Virus Programs, seethe detail of scans of this file from Virustotal- http://www.virustotal.com/file-scan/report.html?id=44de44f0cb521c951858d5be0b201ef4d87652bf99b94248b52521c628bbbe83-1301895457 , guys do not run the .exe file if your AV has not detected it as a Trojan.
Its a Backdoor Trojan and disables your firewall , antivirus and many harms.
Be Careful !
Mustang,
If you ever want to guest post, please reach out to me at my email posted in “The Sharks page”
I am still daily receiving virus emails from Express Delivery with a dodgy gmail address.
as they probably keep cycling through random gmail user accounts, this is why they still keep posting, but I would have thought that google would have stopped this by now? The trick with my anti virus app is that when I click on it to send it off as a sample, it wont do it, as it monitors itself and says that I am trying to send a virus!
its all just a little tricky at the moment.
I’ve been receiving both UPS and FedEx emails…its really annoying, the first day it came I recognized the formatting and it looked a bit fishy so I didn’t open it, but most people would probably open it.
Another reason I love running Ubuntu…don’t need to worry about pesky viruses :)