Spyware Sucks

But here is the dirty little secret of browser security: Even if every Internet browser made today were completely bug-free, it wouldn't stop malicious hackers and malware. Why? Because the vast majority of successful malicious exploits today don't exploit buggy browsers, but rather unwitting end-users. That is, Web-based malware is successful because end-users are intentionally installing it! Most exploit code doesn't search for an unpatched vulnerability, but simply asks the user to install. - Roger Grimes, Infoworld

"There is no magic fairy dust protecting Macs" - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.

UPS spam

There is a lot of it out there .. here is a screenshot of just one that I received:

First of all, I didn't send a postal package. Secondly, UPS isn't going to us that qq.com address. Thirdly, UPS offers online parcel tracking - why on earth would they send you a document to open? Finally, as far as I know, sending such emails is not standard operating procedure for UPS.

UPS did issue a warning about the virus, but the URL no longer works:
UPS Virus warning

According to urbanlegend.about.com, the text of the warning was:

Attention Virus Warning

We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.

This e-mail attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.

UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.

Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.

Thank you for your attention.

Further information about the UPS spam (the purpose of which, btw, is to fool you running the exe in the zip file, thereby infecting your system with fraudware) can be found here:

http://msmvps.com/blogs/donna/archive/2008/07/14/ups-packet-service-malware-spam.aspx

http://www.pandasecurity.com/enterprise/media/press-releases/viewnews?noticia=9301

http://www.dslreports.com/forum/r20789896-UPS-packet-upsinvoicezip-WORM

http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=TSPY%5FZBOT%2EPF

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/342457447/

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/337327468/

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=132901

http://my.opera.com/harrywaldron/blog/2008/07/16/united-parcel-service-fake-email-for-package-non-delivery

Published Thu, Jul 24 2008 20:40 by sandi

Filed under: Security, safety and privacy on the Internet, Vulnerabilities, viruses and exploits