Around the 18th of this month some moron decided to start sending an email pretending to be from the UPS delivery company. It stated that a parcel could not be delivered and you needed to open the attachment, print out the page and send it back to UPS to claim your parcel back. The .zip contained a .exe file that opened a back door for a lot of nasty things.
Has anyone here had to deal with this yet?
□ΞVΞ□
Not seen it and not heard of it from work either.
Yep I had it sent to me, but Avast detected it through Mailwasher whilst it was still on my mail server, so it didn't even get to my machine
It'll be clever if they can develop one that will sidle up your garden path and slip a card through the door without alerting the dog like Citilink do.
"Free speech includes not only the inoffensive but the irritating, the contentious, the eccentric, the heretical, the unwelcome and the provocative provided it does not tend to provoke violence. Freedom only to speak inoffensively is not worth having."
The Uni had a few people fall for this, but nothing major as far as I know.
Still, if you aren't expecting a parcel from UPS, why would you open it?
People do - out of curiosity (who doesn't like to receive a surprise parcel?)Originally Posted by dave87
Had a couple of instances of it at home - one a couple of weeks ago not detected by Avast (but it was by me!) and another a few days ago which Avast did detect.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
Yes, our company was hit.
Crosshair VIII Hero (WIFI), 3900x, 32GB DDR4, Many SSDs, EVGA FTW3 3090, Ethoo 719
Got this too but the email address was very suss. Something like upsparcel@dfdfhgldfhgkdfhxgodfjlgjvl...jcpbjpcbjp.com so decided it wasnt UPS
I have been spammed with this for a number of weeks saying they can't deliver the package etc and in the email there is the .zip and the .exe attached to it. Luckily though NOD32 catches it before it hits the inbox and sticks it in quarantine
read about this on another forum, but i did get one, good thing my e-mail is on my mac
i do not think i have got one i will have to check my avg now.
I've seen quite a few of these on my mail server. So far they've all been .exe's packaged as .zip's. I just quarantine all .zip attachments (along with .exe, .com, .pif etc) on the server so that kinda solves that problem
I wouldn't rely on AV to catch these - at the time they arrive AV detection is usually pretty poor. Each sample
quarantined on my server has been unique and all with varying levels of AV detection. Not much point your AV detecting them 24 hours after they've arrived.
getting about 5 coming in a day but mailwasher is flaging them as spam anyway
we have had a lot of these. they still seem to be getting through mcafee groupshield email scanning.
lot's of users are opening and they can be a real pain to remove.
There are currently 1 users browsing this thread. (0 members and 1 guests)
SCAN.care@HEXUS
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote