Package delivery company UPS is being used by the bad guys in an attempt to install malicious software.
I have a lot of e-mail addresses and thus attract my fair share of unwanted and malicious e-mail. The latest malware-spreading e-mail to land in my in-boxes has purported to be from the package delivery company UPS. Thursday, I received two of these, but there have been other similar messages recently.
As you can see in the picture below, it came with an attached ZIP file.
ZIP files are commonly used as a container to transmit malicious software. The number in the name of the ZIP file is probably there to evade detection by antivirus software; the numbers were different in the two messages received Thursday.
The ZIP file contained a single EXE called UPSInvoice_997612.exe. I uploaded the file to VirusTotal.com, where 4 of the 36 antivirus applications detected it as malicious.
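Because the number in the file name changes from message to message, a mail filter has to look inside the archive rather than match on names. The sketch below is an added example, not something from the original post: it parses a raw message, opens any ZIP attachment in memory, and reports members that are Windows executables by extension or by the "MZ" header. The extension list, the sample message, and the attachment name `invoice_0000.zip` are constructed assumptions; only the member name comes from the post.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows will run directly (assumed list, extend as needed).
EXEC_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def risky_zip_members(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (zip_name, member_name) for each executable inside a ZIP attachment."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Decide by content, not by attachment name: the name varies per message.
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        zip_name = part.get_filename() or "(unnamed)"
        with zipfile.ZipFile(io.BytesIO(payload)) as zf:
            for info in zf.infolist():
                try:
                    with zf.open(info) as fh:
                        head = fh.read(2)  # DOS/PE executables start with "MZ"
                except (RuntimeError, NotImplementedError, zipfile.BadZipFile):
                    head = b""  # encrypted or unreadable member: fall back to the name
                if info.filename.lower().endswith(EXEC_EXTS) or head == b"MZ":
                    hits.append((zip_name, info.filename))
    return hits


def build_sample() -> bytes:
    """Constructed sample: a message whose ZIP holds a harmless 2-byte 'MZ' stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("UPSInvoice_997612.exe", b"MZ")  # member name taken from the post
    msg = EmailMessage()
    msg["From"] = "sender@example.com"  # constructed; the From header is never trusted
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed test message"
    msg.set_content("See attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="invoice_0000.zip")  # constructed attachment name
    return msg.as_bytes()


if __name__ == "__main__":
    for zip_name, member in risky_zip_members(build_sample()):
        print(f"{zip_name}: contains executable {member}")
```

The check ignores the "From" header entirely, so a forged sender makes no difference to the result.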
As I've noted before: never decide to trust an e-mail message based on the sender. It is very easy to forge the "From" address when sending e-mail.
And, though by now it should hopefully go without saying, Windows users should never run an executable file sent by e-mail. Mac and Linux users (including the many new Netbook Linux users) can ignore this warning.