Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Fake UPS notices deliver malware

Posted on 31.08.2012

Cyber crooks have once again resurrected the old UPS spam email campaign in order to deliver their malicious wares to Internet users, warns Webroot's Dancho Danchev.

As usual, the email takes the form of a notification about a failed delivery:

The spammers equipped the message with UPS' logos in order to create lend some degree of credibility to it but, unfortunately, a click on the "Print a shipping Label" button will take the victims to a compromised website serving what seems to be a label (Label_Copy_UPS.zip), but what actually is a downloader Trojan.

The good news is that the Trojan has a very high detection rate. Still, users should train themselves not to instinctively follow links or download files from unsolicited emails - no matter what the message says or how it makes them feel.