Spam Mail Run Delivers Malware While Masquerading as UPS
Two security firms, Malwarebytes and Cisco, warn that unsolicited e-mails related to UPS (United Parcel Service) are currently hitting inboxes. These spam mails, which spoof the globally known package delivery company, are part of a malware distribution scam, softpedia.com reported on April 11, 2014.
Carrying the header "UPS Exception Notification, Tracking Number 1Z522A9A6892487822," the fake e-mails inform the recipient that, at the shipper's request, delivery of the merchandise has been rescheduled.
Both Malwarebytes and Cisco, examining the spam campaign, which seemingly began on April 10, 2014, found that their respective samples contained an identical tracking number.
The tracking number does exist, but the cyber-criminals apparently use it unchanged in every message. As Joshua Cannell, Malware Intelligence Analyst at Malwarebytes, outlines, the tracking number was assigned to a parcel that someone called "DONNA" sent, and which was delivered during February 2014.
When a spam recipient clicks a given web link, it serves a zipped file that carries an apparently innocuous Portable Document Format (PDF) file. In fact, malware is hidden inside this archive: a variant of the ZeuS Trojan. ZeuS characteristically mines hijacked PCs for sensitive information and transmits it to remote criminals. Sometimes, with this malicious program, the criminals even manage to gain full control of the infected systems.
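A gateway-side check for the delivery method described above, as an added example that is not from the original article or from either vendor: it opens a downloaded ZIP in memory and flags entries that are named like PDFs but do not contain PDF data. That the disguised file is a Windows executable is an assumption (the article says only that malware is hidden in the archive), and the sample file names and contents are constructed.

```python
import io
import zipfile

PDF_MAGIC = b"%PDF-"   # a real PDF carries this marker near the start of the file
PE_MAGIC = b"MZ"       # DOS/PE header of a Windows executable (assumed payload type)


def build_zip(entries):
    """Build an in-memory ZIP from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def inspect_archive(zip_bytes):
    """Return (entry, reason) pairs for entries that pose as PDFs but are not."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted entry: content cannot be checked
                findings.append((info.filename, "encrypted entry, not inspected"))
                continue
            with zf.open(info) as fh:
                head = fh.read(1024)  # PDF readers look for the marker in this range
            name = info.filename.lower()
            if head.startswith(PE_MAGIC):
                findings.append((info.filename, "executable (MZ) header"))
            elif name.endswith(".pdf") and PDF_MAGIC not in head:
                findings.append((info.filename, "PDF name without %PDF- header"))
    return findings


# Constructed sample archive; file names and contents are invented for the demo.
SAMPLE = build_zip({
    "label.pdf": b"%PDF-1.4\n%%EOF\n",
    "notice.pdf.exe": b"MZ\x90\x00" + b"\x00" * 60,
    "receipt.pdf": b"plain text, not a PDF",
})

if __name__ == "__main__":
    for entry, reason in inspect_archive(SAMPLE):
        print(f"{entry}: {reason}")
```

The check judges entries by content rather than by name or icon, so a double extension such as `.pdf.exe` and a renamed non-PDF are both reported.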
Security analysts comment that bogus parcel-delivery e-mails continue to succeed because many people are expecting genuine notifications.
However, UPS does not usually contact clients through a generic, unsolicited e-mail that carries delivery details in an attached file, as in the above instance. Cyber-criminals frequently target UPS for the purpose of distributing malware. Malware purveyors also repeatedly use other popular parcel delivery firms such as FedEx and DHL.
So anyone who receives one of the above fraudulent UPS e-mails, or a similar one claiming to be from another parcel delivery firm, should refrain from opening its attachments. Moreover, a few versions may also attempt to dupe recipients into following web links that lead to hijacked sites, which also host malware.
» SPAMfighter News - 19-04-2014