UPS Tracking Number # Virus warning!
Posted 15 January 2010 - 04:47 PM
What is not good, is the fact that neither Microsoft Security Essentials antivirus nor Eset Nod32 wasn't able to detect it once I've scanned the file. At least Microsoft Outlook mail scanner marked this mail as spam. So I wasn't entirely unprotected
The bogus message subject is something like this:
Subject: UPS Tracking Number 8279775.
Sender: UPS Manager Ramona Mock email@example.com
Here's the subject of the mail:
The courier company was not able to deliver your parcel by your address.<br itxtvisited="1">Cause: Error in shipping address.
You may pickup the parcel at our post office personaly!
Please attention!<br itxtvisited="1">The shipping label is attached to this e-mail. <br itxtvisited="1">Please print this label to get this package at our post office.
Please do not reply to this e-mail, it is an unmonitored mailbox.
Thank you.<br itxtvisited="1">United Parcel Service.<br itxtvisited="1">The attachment actually contains a virus which may infect the user's computer.
When I googled for more information on this virus, I've found out that similar virus was released almost 2 years ago, so apparently this is a new variant of it, as AV scanners were unsuccessful in detecting the threat. So far I've tried to detect the threat using 'only' Microsoft Security Essentials and Nod32 antivirus.
Here is the warning about UPS virus which was released about 18 months ago.
The newest virus circulating is the UPS/Fed Ex Delivery Failure. You will receive an email from UPS/Fed Ex Service along with a packet number.. It will say that they were unable to deliver a package sent to you on such-and-such a date. It then asks you to print out the invoice copy attached. DON'T TRY TO PRINT THIS. IT LAUNCHES THE VIRUS! Pass this warning on to all your PC operators at work and home. This virus has caused Millions of dollars in damage in the past few days.
I can't be sure of what damage it can cause to your computer, but I guess it is variant of UPS trojan virus and I can only advise you upon receiving similar mail, to immediately delete it.
Update: I have submitted suspicious file to the Microsoft Malware Protection Center (MMPC). I will update this article, as soon as I get more info on this.
Posted 15 January 2010 - 08:06 PM
Posted 15 January 2010 - 08:13 PM
Posted 16 January 2010 - 06:49 AM
Check the frontpage article for more information.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users