Monday, August 18, 2008
Virus alert - Emails from UPS in the form Tracking N 4918016181
Hi,
Of late I have noticed quite a number of malicious emails which have a subject such as "Tracking N 4918016181", where the number varies and the email appears to be from UPS (United Parcel Service of America).
Attached is a zip file and inside the zip files is an executable. It is extremely important to treat all emails from others with suspicion if you receive an email which has an attachment and you are not expecting it, even if it is from family, friends and companies you know.
In this case the user's anti-virus software had expired and they had just used the UPS service, so what would normally have been treated with suspicion, was thought to be a valid email response from UPS.
The result was an infected computer. The infection is difficult to fully remove and has damaged the Windows installation. A full reload of the computer will be required.
Make sure you keep you anti-virus software up-to-date and use a product like OzEfilter, which helps to stop malicious emails before they get into your computer. Treat all emails from anyone with suspicion, in particular any email that you are not specifically expecting that contains an attachment. Even if the email is from someone you know, still treat it with suspicion, as they may also have been tricked. In the MyAnswers solution 1890 we provide details of an online scanning service where you can check an attachment to see if it is infected.
Most of all, practise safe computing. In all the years I have rarely seen a virus infection that has not been the result of the users own actions. A healthy degree of suspicion is good when it comes to receiving emails.
- Kelvin
Of late I have noticed quite a number of malicious emails which have a subject such as "Tracking N 4918016181", where the number varies and the email appears to be from UPS (United Parcel Service of America).
Attached is a zip file and inside the zip files is an executable. It is extremely important to treat all emails from others with suspicion if you receive an email which has an attachment and you are not expecting it, even if it is from family, friends and companies you know.
In this case the user's anti-virus software had expired and they had just used the UPS service, so what would normally have been treated with suspicion, was thought to be a valid email response from UPS.
The result was an infected computer. The infection is difficult to fully remove and has damaged the Windows installation. A full reload of the computer will be required.
Make sure you keep you anti-virus software up-to-date and use a product like OzEfilter, which helps to stop malicious emails before they get into your computer. Treat all emails from anyone with suspicion, in particular any email that you are not specifically expecting that contains an attachment. Even if the email is from someone you know, still treat it with suspicion, as they may also have been tricked. In the MyAnswers solution 1890 we provide details of an online scanning service where you can check an attachment to see if it is infected.
Most of all, practise safe computing. In all the years I have rarely seen a virus infection that has not been the result of the users own actions. A healthy degree of suspicion is good when it comes to receiving emails.
- Kelvin
Subscribe to:
Post Comments (Atom)
Hi,
ReplyDeletePlease note that I've now tested a similar email using another anti-virus program and the attached file was not detected as an virus.
As a result I would suggest advising others to take care with this virus.
- Kelvin
I just received the information back from the online virus scanning service mentioned in MyAnswers solution 1890 and they confirmed the attachment contains a virus.
ReplyDeleteThis virus was not detected by two anti-virus software packages so care should be taken.
The following are the results.
FILE: Exel_Invoice_NR719200.zip
SIZE: 50632
CONCLUSION: malware container
FILE: Exel_Invoice_NR719200.exe
SIZE: 57344
CONCLUSION: confirmed malware
I've been advised by a client they received a similar email from Fedex so this attack is not only being targeted by users of UPS.
ReplyDelete