Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

UPS spam

July 24th 2008 in Uncategorized

There is a lot of it out there .. here is a screenshot of just one that I received:

image

First of all, I didn’t send a postal package.  Secondly, UPS isn’t going to us that qq.com address.  Thirdly, UPS offers online parcel tracking – why on earth would they send you a document to open?  Finally, as far as I know, sending such emails is not standard operating procedure for UPS.

UPS did issue a warning about the virus, but the URL no longer works:
UPS Virus warning

According to urbanlegend.about.com, the text of the warning was:

Attention Virus Warning

We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.

This e-mail attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.

UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.

Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.

Thank you for your attention.

Further information about the UPS spam (the purpose of which, btw, is to fool you running the exe in the zip file, thereby infecting your system with fraudware) can be found here:

http://msmvps.com/blogs/donna/archive/2008/07/14/ups-packet-service-malware-spam.aspx

http://www.pandasecurity.com/enterprise/media/press-releases/viewnews?noticia=9301 

http://www.dslreports.com/forum/r20789896-UPS-packet-upsinvoicezip-WORM

http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=TSPY%5FZBOT%2EPF

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/342457447/

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/337327468/

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=132901

http://my.opera.com/harrywaldron/blog/2008/07/16/united-parcel-service-fake-email-for-package-non-delivery

One comment to...
“UPS spam”

Vincenzo Di Russo [MVP]

>UPS did issue a warning about the virus, but the URL no longer works:
UPS Virus warning

Now works.


Actually, it could be fraudware or it could be a p0rn site trying to tempt you into installing a fake media codec depending on the luck of the draw… Anyway, part of my ‘day job’ nowadays is keeping an eye on the programs that have been whitelisted by TRUSTe’s Trusted Download Program (hence my official [...]

Previous Entry

And, it’s about time too!! Full details are available via the Google Team announcement: http://feeds.feedburner.com/~r/OfficialGmailBlog/~3/344985025/making-security-easier.html

Next Entry