According to researchers at McAfee, a new round of malware-laden spam messages using the cover of a package tracking invoice have been discovered.
The messages tell the user that a package sent on July 1 could not be delivered and that the user should open the attacked file and collect the package from a local post office.
When the user loads the supposed invoice, however, the malware attack is launched. The attached .zip archive unloads a .exe trojan file, which then unpacks a spyware program designed to steal user data for several job recruiting sites.
The majority of the spam messages have attempted to impersonate UPS, though the company has also found examples purporting to be from the US customs service.
McAfee has tied the same trojan to another attack which targets the user with a fraudulent receipt for an airplane reservation.
The company believes that the spam run will continue for several more days and is advising users to avoid visiting any suspicious URLs and not to launch any unexpected or suspicious email attachments.
Spammers deliver bogus invoices
By
Shaun Nichols
on Jul 28, 2008 2:03PM
Security experts are warning users of new rash of malicious spam disguised as a parcel tracker..
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Modular computing is helping businesses think bigger without having to go bigger
Promoted Content
NDR meets ransomware threat head on
Promoted Content
How to choose business data storage
Promoted Content
Do you know where your data sleeps at night?
Sponsored Whitepapers
Understanding the next security control points: applications and workloads
Best security practices after rapid Digital Transformation
The CISO View 2021 Survey: Zero Trust and Privileged Access
How and why to backup your Office 365 tenant
ForgeRock for Australia’s Trusted Digital Identity Framework (TDIF)
