Jump to content

UPS VIRUS

monty2
 Share

Recommended Posts

monty2

monty2

Posted
Posted

i JUST RECEIVED THIS E-MAIL IT COMES WITH A ZIP FILE TO OPEN. HAS ANYONE SEEN THIS?

ups_print_label_5924.zip

Dear customer!

We were not able to deliver your postal package sent on the 9th of December in time

because the addressee's address is wrong.

Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

Link to post
Share on other sites
Amethyst

Amethyst

Posted
Posted

I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. :) My son has also received such e-mails on his yahoo account.

Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately.

Link to post
Share on other sites
monty2

monty2

Posted
  • Author
Posted
I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. :) My son has also received such e-mails on his yahoo account.

Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately.

yes, that's what I did. I've always read not to open zip or exe files from unknown senders....

Link to post
Share on other sites
monty2

monty2

Posted
  • Author
Posted
I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. :) My son has also received such e-mails on his yahoo account.

Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately.

THANKS..........

Link to post
Share on other sites
  • 3 weeks later...
sys-eng

sys-eng

Posted
Posted

The file is being modified either by program routines or by bad guys so there is currently many variants of it. I recieved several versions this week. Avast detected the first version I received a few days ago but none of the morphed ones. Malwarebytes did not detect any of them. BlueHost, AT&T, and Yahoo e-mail scanners are not detecting it yet.

VirusTotal and VirSCAN both indicate over 30% detection of malware. The original version I received 3 days ago received about 60% detection.

The file is included as an attachment to an e-mail such as the one below:

From: UPS Support Darcy Bates [package@ups.com]

Subject: UPS Delivery Problem NR 45688.

Hello!

Unfortunately we failed to deliver your postal package sent on the 25th of January in time because the recipient

Link to post
Share on other sites
RandyC

RandyC

Posted
Posted

I get several of these each month (sometimes they claim to be from DHL and sometimes from UPS). Either way, my Postini protection tells me the attachment does contain a virus, so I just delete them from the Postini Control Page.

Randy C

i JUST RECEIVED THIS E-MAIL IT COMES WITH A ZIP FILE TO OPEN. HAS ANYONE SEEN THIS?

ups_print_label_5924.zip

Dear customer!

We were not able to deliver your postal package sent on the 9th of December in time

because the addressee's address is wrong.

Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

Link to post
Share on other sites
sys-eng

sys-eng

Posted
Posted

I don't use Postini. I am reluctant to give Google that kind of access considering their privacy and security policies. Anyway, I believe that between the mail provider (AT&T), Avast and Malwarebytes, the messages should have been flagged or stopped completely.

Link to post
Share on other sites
whatmeworry?

whatmeworry?

Posted
Posted
Anyway, I believe that between the mail provider (AT&T), Avast and Malwarebytes, the messages should have been flagged or stopped completely.

Well, it seems to me that in cases like this (bogus messages supposedly from UPS or DHL), there should be an even better anti-malware tool at the user's disposal: common sense. Even if by some coincidence the user had sent a package via one of those companies on the very date stated in the message (highly unlikely but not impossible), the user should realize that most reputable companies do not send rather vague messages that fail to provide more specific information, nor do they usually ask the user to open attachments. And probably a quick look at the bogus message's full email headers will show that the message did not originate with UPS or DHL.

Link to post
Share on other sites
  • 8 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.