Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Royal Mail "Group Shipment Advisory" Malware Emails

Outline
Email purporting to be a shipment advisory from the UK's Royal Mail claims that documents are being shipped to the recipients and that they should open an attached file to view details about the documents.



Brief Analysis
The message is not from the Royal Mail and the attachment does not contain information about shipped documents. Instead, the attachment contains a trojan.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: August 27, 2012
First published: August 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: Royal Mail Group Shipment Advisory

The following 1 piece(s) have been sent via Royal Mail on Wed, 22 Aug 2012 15:39:54

SHIPMENT CONTENTS: Documents
SHIPPER REFERENCE: PLEASE REFER TO ATTACHED FILE
ADDITIONAL MESSAGE FROM SHIPPER: PLEASE REFER TO ATTACHED FILE


Royal Mail Group Ltd 2012. All rights reserved.




Detailed Analysis
Inboxes have recently been inundated with emails purporting to be from the UK's Royal Mail. The messages claim that a package is being shipped to the recipients and urges them to open an attached file to review details about the shipment.

However, the emails do not come from the Royal Mail and the claim that a package of documents is being shipped to the user is untrue. Nor does the attached file contain information about a Royal Mail shipment. In fact, the attachment contains malware. Those who fall for the ruse and open the attached .zip file may inadvertently install the Troj/Backdr-HE trojan on their computers.

Very similar ruses have been used a number of times in the past by criminals intent on distributing malware. Over the last several years malicious messages purporting to be from FedEx, UPS, DHL and other delivery services have also falsely claimed that a package has been sent to recipients. As in this version, users were urged to open an attached file, ostensibly to access a delivery invoice or retrieve information about the supposed package. Again, the attached files contained malware.

Be wary of any unsolicited email purporting to be from a mail or courier service that asks you to open an attached file or click a link to view information about a supposed parcel delivery.

Bookmark and Share



References

Royal Mail malware attack distributed via email
FedEx Incorrect Delivery Address Malware Email
Not Able to Deliver UPS Package Malware Email
DHL Notification Malware Email


Last updated: August 27, 2012
First published: August 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer