Monday, November 24, 2008

United Postal Service? - Malware Alert

I got a piece of e-mail today that screamed "fraud" to me, and I didn't see anything online mentioning it, so I thought I'd let people know.

The message is from the "United Postal Service," which of course doesn't exist (it's United Parcel Service or United States Postal Service). The e-mail is written in an amateurish style, and anyone with half a clue about viruses, trojan horses, or other malware would identify it within seconds. 

Here's the text:

Sorry, we were not able to deliver postal package you sent on November the 1st in time
because the recipient’s address is not correct.

Please print out the invoice copy attached and collect the package at our office.
If you do not receive package in ten days you will have to pay 36$ per day.

Your UPS

There is an attachment that appears to be a .zip file, but it opens up to a .exe file. Since I have a Mac, I can open most attachments without fear of infection from malware (there have been cases, but it's measured in years per occurrence on Macs because of our relatively low market share). I have no idea what the malware does, but I recommend you make your less tech-savvy coworkers aware of it if you work in a Windows environment, and of course do *not* open any attachment that you are not expecting and looks in the slightest way fishy.

Of course, I did not send a package on Nov 1, and of course UPS does not charge $36 per day if the package is not collected - they simply send it back to the sender.

I was not able to find any online reference to this malware, which is why I'm letting people know as a public service that this is malware. It amazes me that people still buy into this stuff after all the various viruses that have come out in the last ten years, but they still do. 

Edit: this malware came out in July of 2008, and is documented here. My initial search came up empty, but a second search on text from the message took me right to it. My apologies for spreading fear and loathing. Being on a Mac and not being in an office environment insulates me a bit sometimes.

1 comment:

Jeremy said...

We got the same message today (Monday, November 24, 2008) and promptly deleted it. We are also on Mac, but don't like to take any chances. I routinely look up scam phone calls and email spam as it helps us all to report such things. Yours was the only site that mentioned it. It came in via our small business email address to an unknown recipient.