Jump to content
CCleaner Community Forums
Humpty

United Parcel Scam Email

Recommended Posts

Just got an email from a "United Parcel Service"

Unfortunately we were not able to deliver postal package you sent on July the 1st in time

because the recipient's address is not correct.

Please print out the invoice copy attached and collect the package at our office

 

Your UPS

The attached word document is actually an exe in disguise and will unload malware if executed.

Virus Total

 

Share this post


Link to post
Share on other sites

Sorry Hazel, missed your posting.Maybe you could merge the two.

 

I tried to send the zipped malware package to Oleg, the developer of AVZ anti rootkit tool for addition to it's data base but had a run in with my isp email service provider.

 

Below is a transcript of our little run in.

My isp:

The following viruses were detected in the message (MID 132528672):

'Troj/Agent-HFZ', 'Troj/Invo-Zip'

 

Actions taken:

Message archived

Message dropped

My reply:

I know it's malware that I was sending to an anti malware developer for

analsyis.

 

Funny thing is I got the malware as an email attachment through my Iprimus account!

LOL.

 

Come to think about it, why can it come through to me no probs but I can't

send it for expert analysis both going via my isp's email service????

:lol:

Share this post


Link to post
Share on other sites

Excellent reply to your ISP Humpty, bet they didn't know what to say!!

Share this post


Link to post
Share on other sites

That's why people should configure their systems to display the file extensions. It's far too easy to put any icon into a program.

Share this post


Link to post
Share on other sites

 

Excellent reply to your ISP Humpty, bet they didn't know what to say!!
If it was Rogers they would say FORMAT the hard drive and re-install the operating system.

Share this post


Link to post
Share on other sites
That's why people should configure their systems to display the file extensions. It's far too easy to put any icon into a program.

Thanks Andavari.

I always have because it only makes sense to me.This is a "CRITICAL" reason. I am glad you pointed it out.

There are so many "esthetic" options that make me want to puke!!! How esthetic is that ? :lol:

:) davey

P.S. Thank you all. I think I might have fallen for that except I don't use UPS. Still is tricky though.

Share this post


Link to post
Share on other sites

Hi,

I got this email today and unfortunetly we use UPS so much I opened it. When I clicked on the zip file nothing happened and my Norton alerted me that something was trying to change a registry & I blocked it. Does this mean I am not infected or do I need to call the Geek squad? Any help is appreciated.

AMG

 

 

 

Just got an email from a "United Parcel Service"

 

The attached word document is actually an exe in disguise and will unload malware if executed.

Virus Total

 

Share this post


Link to post
Share on other sites

I think you would have to execute the file within the zip to get infected and seeing as Norton stopped the zip from opening I would say you should be safe.

 

If you notice anything odd such as unexpected network activity then it would be advisable to post a Hijackthis log.

 

Any suspect attachments or files can be uploaded to Virus Total for a scan with several different av engines.

Share this post


Link to post
Share on other sites
I think you would have to execute the file within the zip to get infected and seeing as Norton stopped the zip from opening I would say you should be safe.

 

If you notice anything odd such as unexpected network activity then it would be advisable to post a Hijackthis log.

 

Any suspect attachments or files can be uploaded to Virus Total for a scan with several different av engines.

 

I did. I ran Mcafee and it caught 4 trojans, repaired 1, removed 1 and then I deleted one. The last one was listed but it gave me no option to repair, remove so I am not sure what my status is at the moment. It froze my Internet Explorerer and Windows Media palyer but both came back after I ran the scan.

 

Any suggestions would be appreciated.

Share this post


Link to post
Share on other sites

You could try a scan with Dr Web Cureit which is a free standalone AV scanner.

 

Then run a scan with SuperAntispyware and if any probs are still around then probably post a Hijackthis log in the appropriate forum.

 

Which av are you using atm, Norton's or Mcafee?

Share this post


Link to post
Share on other sites

Hi all,

 

I just came across an email also, supposedly from UPS and the message read as follows...Dear customer.

 

The parcel was sent your home address.

And it will arrive within 3 business day.

 

More information and the tracking number are attached in document below.

 

Thank you.

? 1994-2011 United Parcel Service of America, Inc.

 

My God it isn't even in proper English!! (Grammar wise) There is an attachment with it (A UPS.Zip Download)Naturally I haven't opened it and I'm so glad that I read these posts first. I take it that so long as I haven't opened/downloaded the zip file, I'm ok yeah?

 

Regards to all :)

Share this post


Link to post
Share on other sites

I take it that so long as I haven't opened/downloaded the zip file, I'm ok yeah?

 

Holy old topic revival Batman!:blink:

 

If you haven't downloaded or opened the attachment you're fine, just delete the email and possibly block the sender.

Share this post


Link to post
Share on other sites

I don't believe UPS would send an attachment anyway, they'd post all the info in the actual email. Matter of fact I don't believe UPS would email anyone except their biggest clients.

Share this post


Link to post
Share on other sites

Another reason to use Sandboxie (or similar). If you are using web mail I'm sure Sb is already at work. If you use a POP3 client like Outlook, OE or Thunderbird, be sure to enable Sb to always run them sandboxed!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...