UPS spam

There is a lot of it out there .. here is a screenshot of just one that I received:

image

First of all, I didn't send a postal package.  Secondly, UPS isn't going to us that qq.com address.  Thirdly, UPS offers online parcel tracking - why on earth would they send you a document to open?  Finally, as far as I know, sending such emails is not standard operating procedure for UPS.

UPS did issue a warning about the virus, but the URL no longer works:
UPS Virus warning

According to urbanlegend.about.com, the text of the warning was:

Attention Virus Warning

We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.

This e-mail attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.

UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.

Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.

Thank you for your attention.

Further information about the UPS spam (the purpose of which, btw, is to fool you running the exe in the zip file, thereby infecting your system with fraudware) can be found here:

http://msmvps.com/blogs/donna/archive/2008/07/14/ups-packet-service-malware-spam.aspx

http://www.pandasecurity.com/enterprise/media/press-releases/viewnews?noticia=9301 

http://www.dslreports.com/forum/r20789896-UPS-packet-upsinvoicezip-WORM

http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=TSPY%5FZBOT%2EPF

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/342457447/

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/337327468/

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=132901

http://my.opera.com/harrywaldron/blog/2008/07/16/united-parcel-service-fake-email-for-package-non-delivery

Published Thu, Jul 24 2008 20:40 by sandi
Filed under: ,

Comments

# re: UPS spam

Friday, July 25, 2008 1:07 AM by Vincenzo Di Russo [MVP]

>UPS did issue a warning about the virus, but the URL no longer works:

UPS Virus warning

Now works.