Be Aware of UPS Virus E-Mail - Trojan

[MaverickFlyer]

All,

I don’t typically send out warnings about e-mail viruses as it only usually serves to clog up e-mail inboxes about stuff that everyone already knows about. I am making an exception in this case because this Trojan is particularly nasty, as it will lie dormant until you enter the URL (web address) of a banking sight in internet explorer and then it will attempt to log your password and login keystrokes. Once it has the information it needs, it sends the details to a remote sight and …

The e-mail I received this morning looks like this;

***********************
-----Original Message-----
From: United Parcel Service
Sent: Wednesday, July 23, 2008 7:29 AM
To:
Subject: UPS Tracking Number 1931688831

Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient’s address is not correct.

Please print out the invoice copy attached and collect the package at our office

Your UPS
************************

According to Trend Micro AntiVirus Blog;

“The said file contains banking-related URLs which the spyware monitors in Internet browser address bars. When a user accesses any of the listed URLs, the spyware logs keystrokes to capture data entered in login boxes. Gathered data is then saved in a file, then sent to a remote site through HTTP post. The URLs listed in the downloaded configuration file may change at any time.”
UPS Spam: Trojan Courier of Choice | TrendLabs | Malware Blog - by Trend Micro

If you get an e-mail that appears to come from UPS regarding a package that wasn’t delivered, just delete the e-mail. Do not open it!

Hope this helps,

[bensenvill]

the first giveaway should've been that that is not a valid UPS tracking number.

1Z1235550400000134

they are always going to start with 1Z

[MaverickFlyer]

the first giveaway should've been that that is not a valid UPS tracking number.

1Z1235550400000134

they are always going to start with 1Z

But not everyone knows that. They just see it and open it.

[Frosty]

But not everyone knows that. They just see it and open it.

Exactly, someone here at my work opened one. Luckily she didn't open the attachment, she asked us first what was up with the email.

On the other hand, our UPS technician rep opened it up

[bensenvill]

that person should be fired.

[NorCalCoug]

I got that, I opened it, nothing happened. I was kind of sad that nothing happened.

[MaverickFlyer]

I got that, I opened it, nothing happened. I was kind of sad that nothing happened.

Go check your bank account online and see what happens.

[azbobbybooshay10]

Go check your bank account online and see what happens.

He would need to get onto a Windows computer first.

[MaverickFlyer]

He would need to get onto a Windows computer first.

Not necessarily.

Backdoor Busts the Mac Myth | TrendLabs | Malware Blog - by Trend Micro

[CincyZetec]

our shipping and receiving person just got on the intercom a few minutes ago to warn us about that. then 2 seconds later, one of the shop guys got on and said "sh!t, you should've told me that 10 minutes ago." hopefully he didn't catch it.