Beware e-mail messages from UPS

Package delivery company UPS is being used by the bad guys in an attempt to install malicious software.

I have a lot of e-mail addresses and thus attract my fair share of unwanted and malicious e-mail. The latest malware spreading e-mail to land in my in-boxes has purported to be from the package delivery company UPS. Thursday, I received two of these, but there have been other similar messages recently.

As you can see in the picture below, it came with an attached ZIP file.

A malicious email that was not from the UPS package delivery company

ZIP files are commonly used as a container to transmit malicious software. The number in the name of the ZIP file is probably there to evade detection by antivirus software; the numbers were different in the two messages received Thursday.

The ZIP file contained a single EXE called UPSInvoice_997612.exe. I uploaded the file to, where 4 of the 36 antivirus applications detected it as malicious.

As I've noted before: never decide to trust an e-mail message based on the sender. It is very easy to forge the "From" address when sending e-mail.

And, hopefully by now it should go without saying, Windows users should never run an executable file sent by e-mail. Mac and Linux users (including the many new Netbook Linux users) can ignore this warning.

See a summary of all my Defensive Computing postings.

Featured Video

This Nokia virtual-reality camera costs $60,000

Good VR doesn't come cheap, as evidenced by Nokia's Ozo 360-degree video camera. Meanwhile, Swatch's next smartwatch has mobile payments, and Blocks lets you build your own smartwatch.

by Bridget Carey