Post by davejs on Nov 5, 2009 17:11:29 GMT -5
Phewww. This was a close call. Here's what I received today. There is an attachment to the email and I considered downloading it out of curiousity. NEVER DO THAT.
From: dtaylo123@aol.com
To: dtaylo123@aol.com
Dear customer!
Unfortunately we were not able to deliver the postal package which was sent on the 20th of June in time because the addressee's address is incorrect.
Please print out the invoice copy attached and collect the package at our office.
United Parcel Service of America.
Just one look at it and I knew instantly that it was a scam. Many discrepancies here. UPS notification from an AOL address? Hilarious. Letter 'c' in customer is not capitalized and there is an exclamation point following the word. Sent on the 20th of June? No tracking number. And of course, the name of the sender - United Parcel Service of America. This has to be one of the most poorly written scam letters of the year.
Okay, so I decided to do a google search on the first sentence and of course, this scam has been going around. www.hoax-slayer.com/ups-malware.shtml This is what they said:
Attention Virus Warning
Service Update
We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.
This email attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.
UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.
Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.
The attachment contains malware, detected as Trj/Agent.JEN by Internet Security company PandaLabs, that can replace an important file on Windows computers and then download other malware to the infected computer. PandaLabs notes: This malware is copied in the system, replacing the Windows Userinit.exe (this file is the one which runs explorer.exe, the interface of the system and other important processes), copying the legitimate file as userini.exe, so that the computer can work properly.
Additionally, it establishes a connection with a Russian domain, which has been used on some occassions by banker Trojans. From this domain it will redirect the request to a German domain in order to download a rootkit and a rogue antivirus, detected as Rootkit/Agent.JEP and Adware/AntivirusXP2008 respectively. If you receive an email similar to the example quoted above, do not open any attachments that come with the message or click on any links that it may contain.
From: dtaylo123@aol.com
To: dtaylo123@aol.com
Dear customer!
Unfortunately we were not able to deliver the postal package which was sent on the 20th of June in time because the addressee's address is incorrect.
Please print out the invoice copy attached and collect the package at our office.
United Parcel Service of America.
Just one look at it and I knew instantly that it was a scam. Many discrepancies here. UPS notification from an AOL address? Hilarious. Letter 'c' in customer is not capitalized and there is an exclamation point following the word. Sent on the 20th of June? No tracking number. And of course, the name of the sender - United Parcel Service of America. This has to be one of the most poorly written scam letters of the year.
Okay, so I decided to do a google search on the first sentence and of course, this scam has been going around. www.hoax-slayer.com/ups-malware.shtml This is what they said:
Attention Virus Warning
Service Update
We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.
This email attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.
UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.
Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.
The attachment contains malware, detected as Trj/Agent.JEN by Internet Security company PandaLabs, that can replace an important file on Windows computers and then download other malware to the infected computer. PandaLabs notes: This malware is copied in the system, replacing the Windows Userinit.exe (this file is the one which runs explorer.exe, the interface of the system and other important processes), copying the legitimate file as userini.exe, so that the computer can work properly.
Additionally, it establishes a connection with a Russian domain, which has been used on some occassions by banker Trojans. From this domain it will redirect the request to a German domain in order to download a rootkit and a rogue antivirus, detected as Rootkit/Agent.JEP and Adware/AntivirusXP2008 respectively. If you receive an email similar to the example quoted above, do not open any attachments that come with the message or click on any links that it may contain.