«
»

Maleware DHL, UPS, FedEx Spoofs

The criminal shipper/courier virus cartel has launched a new attack attempting to make you believe you must download an attachment in order to claim a package. BEWARE: DO NOT CLICK…

The last wave of this technique was back in late 2008, and there haven’t been too many since. But now, in two days our spam traps have received multiple emails of four different variations on the package scam.

The criminal is spoofing a UPS, FedEx, or DHL Delivery Failure. HERE’S what it looks like in SpamCop email:

DHL SPAM VIRUS MALWARE

The email is fraudulent, the attachment is a computer virus, and the package does not exist. In reality this particular instance email comes from a compromised Windows computer in Greece:

> ADSL LLU POOLS
> FORTHnet Technical Operations
> ATHENS, GR

Several others came in through Pakistan, Russia and Brazil, however all carry the same identical file. So, we believe it’s spread through a botnet of compromised computers using Microsoft Windows operating systems.

This is a fairly common and effective technique for luring e-mail users into opening virus-launching attachments. The messages carry a file attachment called ‘DHL_Document_NR3784.zip’ or ‘ups_invoice.zip’ which when unzipped, immediately launch a malicious executable (.exe) file. The file shows a Microsoft Word icon so victims think it is harmless.
Federal Express,
UPS and
DHL
have all issued warnings.

DO NOT CLICK This email attachment contains a virus or zombie. DO NOT OPEN the attachment – DELETE it immediately. If you have any doubt at all that it might be legitimate, call the carrier first. If you use SpamCop or Knujon, remember to report the spam to them at once, so it can be added to black lists.

Thanks for reading

Fred Showker

Don’t forget … if you have information you’d like to share, Contact us
NOTE TWEET THIS and follow us on Twitter: www.twitter.com/UGNnet — let us know your Twitter address so we can follow you!

NOTE:
SpamCop is the premier service for reporting spam. SpamCop determines the origin of unwanted email and reports it to the relevant Internet service providers.
Knujon has shutdown over 200-thousand junk email sites, and continues pressure on ICANN to break criminal cartels and rogue registrars.

Share this | Post to Twitter Tweet this
Posted by Fred, January 29, 2010
Tags: , , , , , ,

Comments

  • True | March 24, 2010 | 8:40 pm

    i like it very much , and you guys ROCK!

Leave a comment

You must be logged in to post a comment.