Browse archive

Latest news

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

U.S. Congress has questions about Google Glass and privacy

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

U.S. DOD decides iPhones and iPads can connect to its networks

Digital Government Strategy progress and challenges

Barracuda updates web application firewall

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Malicious email simultaneously impersonates UPS and FedEx

Posted on 07.12.2012

Malicious notifications supposedly coming from major courier delivery services companies are nothing new, but they still must catch enough users off guard.

This latest one is particular enough to be worth mentioning, as the subject line sports the name of one company and the message is signed with the name of another:

The email body contains the usual "you weren't at home, print this receipt to claim the package" message and urges users to download the attached file - in this case an executable masquerading as a Word file and hiding in a zip file.

The file is, of course, a piece of malware that deletes the original file, creates hidden files and makes network connections.

"These infection files have been linked to ransomware, in this case something called 'Wheelsof' and you may well find yourself locked out of your PC if unfortunate enough to fall for this one," Chris Boyd warns.

I understand that spotting spelling or grammar mistakes in fake messages might not be some users' forte, but I wonder just how many of them would spot a glaring mistake such as this one.