Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 104 - July 2010 - Page 17

Pages in this month's issue:
  1. Two Suns - Star Aderoid Hoax
  2. Deaths From Free Perfume Samples Hoax
  3. Commonwealth Bank Phishing Scam - Online Access Suspended Message
  4. Remus Rudd Hanged Horse Thief Hoax
  5. Muslim Sign in Houston Mall Protest Message - The Martyrdom of Imam Ali
  6. Converted Grain Silo Apartment Photographs
  7. Abduction Alert Message For Eight Year Old Girl From West Valley City Utah
  8. Bill Cosby Write-In Candidate For President In 2012 Hoax
  9. Old Woman and The Smashed Car Window Abduction Warning Hoax
  10. Motorcycle Inside Volkswagen Accident Photographs
  11. Compuserve Database Upgrade Phishing Scam
  12. Free Starlight Cruise For Forwarding Hoax
  13. Facebook Deactivated Account Spam
  14. Rehana 27 From Leicister Hacker Warning Hoax
  15. Apple iPhone and iPad Giveaway Spam on Facebook
  16. Not Able to Deliver UPS Package Malware Email
  17. Emiliano Briones Ronquillo Prayer Request Message
  18. Ashley Flores Missing Child Hoax
  19. Bristol Zoo Car Park Attendant Hoax

Issue 104 Start Menu

Previous Article            Next Article

Not Able to Deliver UPS Package Malware Email

Outline
Emails purporting to be from delivery company, UPS, claim that a package sent by the recipient could not be delivered. The messages instruct the recipient to open an attachment to print out an invoice.



Brief Analysis
The emails are not from UPS and the package mentioned in the messages does not exist. The attachment does not contain an invoice as claimed in the messages. In fact, opening the attachment will install malware on the recipient's computer.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:




Last updated: 1st June 2010
First published: 16th July 2008
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Examples:
From: Your UPS

Subject: UPS Tracking #1250295937


Dear ladies and gentlemen,

We were not able to deliver postal package you sent on the 18nd May in time because the recipientís address is not correct.

Please print out the invoice copy attached and collect the package at our office.

Your personal manager: Mabel Waldron, Your UPS

[Attachment Name: UPS invoice 51787 (zip file)]


From: "UPS Service Manager"

Subject: UPS Delivery Problem NR 89038.


Hello!

Unfortunately we failed to deliver your postal package you have sent on the 2nd of December in time because the addressee's address is erroneous. Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

[Attachment Name: UPS INVOICE TRACKING NRPS-4244-232225-4 (zip file)]




Detailed Analysis
According to these email messages, US based delivery company United Parcel Service (UPS) could not deliver a package sent by the recipient because the delivery address was incorrect. The emails urge the recipient to open an attached file so that an invoice for the supposed package can be printed out.

However, the emails were not sent by UPS and the information they contain about a package delivery failure is untrue. In fact, the email attachments contain a malicious computer program. Internet criminals have now been using the "failed UPS delivery" ruse to distribute malware for several years. In response to an attack launched in 2008 that used this method, UPS published the following warning on its website:
Attention Virus Warning
Service Update


We have become aware there is a fraudulent email being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.

This email attachment contains a virus. We recommend that you do not open the attachment, but delete the email immediately.

UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.

Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.

Thank you for your attention.
UPS has also published an article about protecting against fraud in which it notes:
If you receive a fraudulent or suspicious e-mail that claims to be from UPS, do not respond or open any attachments or links associated with the e-mail.
The attachments contains malware, often detected as Win32:Trojan-gen by Avast anti-virus. Other anti-virus companies may have other names for this malware. And, different versions of the malware emails may contain other variants of the malware. Generally speaking however, once installed, this trojan can connect to a remote server, download other malware components, add entries to the Windows Registry, potentially steal data from the infected computer and cause other serious issues on the infected computer. The malware can be difficult to remove.

Internet users should be very cautious of any unsolicited email that urges you to open an attached file to review information about a supposed problem or complaint. This is a very common method of distributing malware. Always ensure that you have effective and up-to-date security software installed on your computer, including anti-virus and anti-spyware scanners and a firewall.

Bookmark and Share



References
Protect Yourself Against Fraud
Fake UPS Email with Virus - UPS Delivery Problem NR.8595037
Fake UPS Invoice Email
E-mail allegedly from UPS delivers a computer virus

Previous Article            Next Article

Issue 104 Start Menu

Pages in this month's issue:
  1. Two Suns - Star Aderoid Hoax
  2. Deaths From Free Perfume Samples Hoax
  3. Commonwealth Bank Phishing Scam - Online Access Suspended Message
  4. Remus Rudd Hanged Horse Thief Hoax
  5. Muslim Sign in Houston Mall Protest Message - The Martyrdom of Imam Ali
  6. Converted Grain Silo Apartment Photographs
  7. Abduction Alert Message For Eight Year Old Girl From West Valley City Utah
  8. Bill Cosby Write-In Candidate For President In 2012 Hoax
  9. Old Woman and The Smashed Car Window Abduction Warning Hoax
  10. Motorcycle Inside Volkswagen Accident Photographs
  11. Compuserve Database Upgrade Phishing Scam
  12. Free Starlight Cruise For Forwarding Hoax
  13. Facebook Deactivated Account Spam
  14. Rehana 27 From Leicister Hacker Warning Hoax
  15. Apple iPhone and iPad Giveaway Spam on Facebook
  16. Not Able to Deliver UPS Package Malware Email
  17. Emiliano Briones Ronquillo Prayer Request Message
  18. Ashley Flores Missing Child Hoax
  19. Bristol Zoo Car Park Attendant Hoax