This one is not new, but it is still a nasty one. Since yesterday, I have received 8 of these types of messages, all caught by my virus scanner and rendered harmless.
I decided to do a little digging this time around and find out just a little bit more about these messages.
The nasty payload that accompanies these messages is contained in an attached image file with various names that are probably randomly generated. For example, the messages I received had infected JPEG images with the following filenames: 2664423.jpg, 5617431.jpg, 2478363.jpg, 4599357.jpg, 6464145.jpg, 6178909.jpg, 9222752.jpg and 2535916.jpg. If opened, the images look like this:
In addition to displaying the above image, the modified JPEG file will attempt to infect your PC with malware known as “FakeAlert.” At least that is the way my anti-virus application identified it. FakeAlert infects your PC and pops up messages on the user’s screen claiming that the PC is infected with a virus. Kind of ironic, huh? The messages lead victims to believe that they need to register an anti-virus program in order to rid their PC of the infection. As one might suspect, registering the alleged anti-virus program is not free, and the scumbag that sent the message most likely gets a cut of the profits.
The messages I received were sent by a number of mail servers which were probably compromised (“hacked”) by the senders of these messages. The servers that sent the spam messages to me were all located in the U.S., which is a little unusual when compared with most of the other spam I get, but the spammers have evidently found fertile ground on some systems here in the U.S. to spew out their crap from. They can always count on the fact that some system administrator has not properly secured their system or some new bug will come along that will allow them to exploit systems that they are not authorized to use.
This batch is also a bit different since the messages do not have the same bogus claims about a package that was intended for the recipient but was unable to be delivered. This time, it appears the messages are just a sentence or two that was probably scraped from a news site. It really does not make sense to get a message that is supposedly from UPS and contains random news headlines, but this may be a tactic that makes this spam appear more legitimate and have a better chance of bypassing spam filters.
Here are the ones that I received:
From: UPS Support, Misty Lelacheur [aerichter@ups.com]
Analyst: Higher 2Q home orders for Lennar, KB Home The Most Awesome

From: UPS Manager, Doug Eggleton [philalan@ups.com]
Video: The Great Explorer, Part 2 Worker runs over people at Japanese

From: United Parcel Service of America, Deane Schornick [maxxaz@ups.com]
Existing home sales weak but supply falls Video: "Female Viagra"

From: UPS PostBox-Manager, Martin Kauffman [fashionseal@ups.com]
AP source: White House budget chief stepping down Salazar creates new

From: United Parcel Service of America, Magdalena Scanlon [octf@ups.com]
Election Problems Blog Dr. Phil Highlights CBS Investigation Obama

From: UPS PostBox-Manager, Valarie Reinholtz [billcoons@ups.com]
Remade in NY: French ex-1st lady has new life NM father, 2 sons die

From: UPS Support, Quincy Cockshot [bawidmaier@ups.com]
Emanuel Casts Barton Apology as GOP Philosophy "Shmutz" Report: NYC

From: United Parcel Service of America, Carlene Carridine [mothena@ups.com]
Stocks extend gains as China eases currency policy Gulf of Mexico oil
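The traits described above (a UPS-branded sender at ups.com, mail that did not actually come from UPS, and an attachment named with seven digits plus .jpg) can be combined into a simple mail-triage check. This is an added example, not part of the original post; the function names, the trait labels, the reliance on an Authentication-Results header and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Traits described in the post: a UPS-branded sender at ups.com and an
# attachment named with seven digits plus .jpg (e.g. 2664423.jpg).
ATTACH_RE = re.compile(r"^\d{7}\.jpe?g$", re.IGNORECASE)
BRAND_RE = re.compile(r"\bUPS\b|United Parcel Service", re.IGNORECASE)

def triage(raw):
    """Return the campaign traits found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    hits = []
    if addr.lower().endswith("@ups.com") and BRAND_RE.search(display):
        hits.append("ups-branded-sender")
        # Assumption: your own MTA stamps SPF/DKIM verdicts into
        # Authentication-Results (RFC 8601); copies of that header
        # supplied by the sender must be stripped upstream.
        auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
        if "spf=pass" not in auth and "dkim=pass" not in auth:
            hits.append("sender-unauthenticated")
    for part in msg.walk():
        name = part.get_filename()
        if name and ATTACH_RE.match(name):
            hits.append("numeric-jpg-attachment:" + name)
    return hits

def build_sample(sender, attachment=None, auth=None):
    """Construct a test message; all content here is made up for the demo."""
    m = EmailMessage()
    m["From"] = sender
    m["Subject"] = "constructed sample"
    if auth:
        m["Authentication-Results"] = auth
    m.set_content("Existing home sales weak but supply falls")
    if attachment:
        m.add_attachment(b"\xff\xd8\xff constructed bytes", maintype="image",
                         subtype="jpeg", filename=attachment)
    return m.as_string()

if __name__ == "__main__":
    spam = build_sample('"UPS Support, Misty Lelacheur" <aerichter@ups.com>',
                        attachment="2664423.jpg")
    print(triage(spam))
```

A message that trips all three traits is a strong candidate for quarantine; any single trait on its own (for example a numeric photo filename from a camera) is weak evidence.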
Well, I’ll tell you one thing. If you open the attachment that came with this message, you might very well end up with a “Problem.”
The attachment, which was not sent by UPS as the message claims, contains a virus that was caught and removed by my anti-virus software.
Nice try, amateurs, but you didn’t make the cut!
For those who may have received this and opened the attachment, you may not notice much happening to your PC and think you are safe, but don’t be too sure. It’s very possible that the virus contained is designed to hide on your PC and monitor your activity with the intent of capturing passwords and other personal information.
If you think the virus may have infected your PC, you are strongly urged to scan it thoroughly for any sign of infection immediately.
From: Support Delmer Faulkner [manager@ups.com]
Dear customer! We failed to deliver postal package you have sent on the 21st of United Parcel Service of America.