monty2 Posted February 16, 2010 ID:200866 Share Posted February 16, 2010 i JUST RECEIVED THIS E-MAIL IT COMES WITH A ZIP FILE TO OPEN. HAS ANYONE SEEN THIS?ups_print_label_5924.zipDear customer!We were not able to deliver your postal package sent on the 9th of December in timebecause the addressee's address is wrong.Please print out the invoice copy attached and collect the package at our office.United Parcel Service of America. Link to post Share on other sites More sharing options...
Amethyst Posted February 16, 2010 ID:200873 Share Posted February 16, 2010 I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. My son has also received such e-mails on his yahoo account.Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately. Link to post Share on other sites More sharing options...
Firefox Posted February 16, 2010 ID:200880 Share Posted February 16, 2010 More than likely it is a virus. There is no reason for UPS to send you an email with an attachment.Delete the email in question and do not open the attachment. Link to post Share on other sites More sharing options...
monty2 Posted February 16, 2010 Author ID:200881 Share Posted February 16, 2010 I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. My son has also received such e-mails on his yahoo account.Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately.yes, that's what I did. I've always read not to open zip or exe files from unknown senders.... Link to post Share on other sites More sharing options...
monty2 Posted February 16, 2010 Author ID:200884 Share Posted February 16, 2010 I've received several e-mails claiming to be from UPS, as well as another parcel delivery service whose name escapes me at this moment. These e-mails came with attachments and claimed to have a tracking number. A google search re this subject line of the e-mails reveals that the attachments contain malware. The e-mails were all sent to a yahoo mail account that I have and would never use for business if I were using a courier service, so I knew right away that they weren't legit. Yahoo knew, too, as it placed the e-mails in the spam folder. My son has also received such e-mails on his yahoo account.Gotta be careful, seems to be a rash of such e-mails going out right now. I don't even open them, just delete them immediately.THANKS.......... Link to post Share on other sites More sharing options...
MAM Posted February 16, 2010 ID:200890 Share Posted February 16, 2010 Hello,for a first look on it, uploadet http://virusscan.jotti.org/en here MAM Link to post Share on other sites More sharing options...
sys-eng Posted March 5, 2010 ID:210031 Share Posted March 5, 2010 The file is being modified either by program routines or by bad guys so there is currently many variants of it. I recieved several versions this week. Avast detected the first version I received a few days ago but none of the morphed ones. Malwarebytes did not detect any of them. BlueHost, AT&T, and Yahoo e-mail scanners are not detecting it yet.VirusTotal and VirSCAN both indicate over 30% detection of malware. The original version I received 3 days ago received about 60% detection.The file is included as an attachment to an e-mail such as the one below:From: UPS Support Darcy Bates [package@ups.com]Subject: UPS Delivery Problem NR 45688.Hello! Unfortunately we failed to deliver your postal package sent on the 25th of January in time because the recipient Link to post Share on other sites More sharing options...
RandyC Posted March 5, 2010 ID:210077 Share Posted March 5, 2010 I get several of these each month (sometimes they claim to be from DHL and sometimes from UPS). Either way, my Postini protection tells me the attachment does contain a virus, so I just delete them from the Postini Control Page.Randy Ci JUST RECEIVED THIS E-MAIL IT COMES WITH A ZIP FILE TO OPEN. HAS ANYONE SEEN THIS?ups_print_label_5924.zipDear customer!We were not able to deliver your postal package sent on the 9th of December in timebecause the addressee's address is wrong.Please print out the invoice copy attached and collect the package at our office.United Parcel Service of America. Link to post Share on other sites More sharing options...
sys-eng Posted March 5, 2010 ID:210082 Share Posted March 5, 2010 I don't use Postini. I am reluctant to give Google that kind of access considering their privacy and security policies. Anyway, I believe that between the mail provider (AT&T), Avast and Malwarebytes, the messages should have been flagged or stopped completely. Link to post Share on other sites More sharing options...
whatmeworry? Posted March 5, 2010 ID:210099 Share Posted March 5, 2010 Anyway, I believe that between the mail provider (AT&T), Avast and Malwarebytes, the messages should have been flagged or stopped completely.Well, it seems to me that in cases like this (bogus messages supposedly from UPS or DHL), there should be an even better anti-malware tool at the user's disposal: common sense. Even if by some coincidence the user had sent a package via one of those companies on the very date stated in the message (highly unlikely but not impossible), the user should realize that most reputable companies do not send rather vague messages that fail to provide more specific information, nor do they usually ask the user to open attachments. And probably a quick look at the bogus message's full email headers will show that the message did not originate with UPS or DHL. Link to post Share on other sites More sharing options...
dayze Posted November 14, 2010 ID:344772 Share Posted November 14, 2010 Contact UPS by phone if you Link to post Share on other sites More sharing options...
Haider Posted November 14, 2010 ID:344871 Share Posted November 14, 2010 Malwarebytes did not detect any of themHello All:Please read this and if possible submit sample at Newest Malware Threats Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now