A Virus! Anybody Else Find UPS_INVOICE_187271.zip in Their Inbox?
Posted by Norski • 7/24/08
Tags: e-mail, email, Security, trojan, ups, virus
This showed up in my email in-box yesterday:
Subject: A[RE] UPS Tracking Number 1042824494
From: "United Parcel Service" (vyai[at]branchfinancialsrvcs[dot]com)
The message was:
Unfortunately we were not able to deliver postal package you sent on July the 1st in time
because the recipients address is not correct.
Please print out the invoice copy attached and collect the package at our office
Your UPS
Even with 20-20 hindsight, I can see why I opened the attachment (called UPS_INVOICE_187271.zip). With two obvious exceptions, the message was in grammatically correct English. That weird character where an apostrophe should be might have been a smart character on somebody's system (one reason I don't use smart quotes and the like when I blog or make Web pages).
And, this household has been sending quite a number of documents lately. All through the American postal system, but USPS might have subcontracted to United Postal Service.
So, because if this was one of those documents gone astray, it was important, I opened the attachment.
And got a prompt 'oh, no, you don't' message from the Norton/Symantec anti-virus software I use. (It was more formally phrased, of course, something about a backdoor.)
So, I stopped what I was doing and deleted the email.
Last night, the anti-virus software did a scan. This morning it told me "Backdoor.Paproxy has been fully resolved."
The company's website had more detail: securityresponse.symantec.com/security_response/writeup.jsp?docid=2004-0519...
So: Have you run into this one?
User Comments
Both,
Yep. The 'social engineering' (is that the term?) was pretty good on this one - and my wife and I have been doing enough document-shipping lately to make this message plausible enough to check out.
thegoodknife,
'time to upgrade' - that was done yesterday, automatically (SOP). If Symantec is following their SOP, the previous upgrade was a week ago, or less. And, you're right: frequent updating of anti-malware software is a must.
