Malicious email simultaneously impersonates UPS and FedEx
Posted on 07.12.2012
Malicious notifications supposedly coming from major courier delivery services companies are nothing new, but they still must catch enough users off guard.

This latest one is particular enough to be worth mentioning, as the subject line sports the name of one company and the message is signed with the name of another:


The email body contains the usual "you weren't at home, print this receipt to claim the package" message and urges users to download the attached file - in this case an executable masquerading as a Word file and hiding in a zip file.

The file is, of course, a piece of malware that deletes the original file, creates hidden files and makes network connections.

"These infection files have been linked to ransomware, in this case something called 'Wheelsof' and you may well find yourself locked out of your PC if unfortunate enough to fall for this one," Chris Boyd warns.

I understand that spotting spelling or grammar mistakes in fake messages might not be some users' forte, but I wonder just how many of them would spot a glaring mistake such as this one.






Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //