The Latest in IT Security

Fake delivery notification gets confused, has nice lie down

05 Dec 2012

Looks like some scammers had a bit of a mix-up while counting out their cash on a gold plated yacht.


Here’s the contents of the mail. The text in bold is a not-very-subtle clue:

“The UPS Office”:

Order: SD-5468-482485468
Order Date: Monday, 2 December 2012, 11:23 AM
Dear Customer,
Your parcel has arrived at the post office at December 4.Our postrider was unable to deliver the parcel to you.
To receive a parcel, please, go to the nearest our office and show this postal receipt.

Best regards,
The FedEx Team

Whoops.

You’ll be happy to know that some web browsers are onto this slice of trickery. Attempting to download the offered file with Chrome (for example) pops the following warning message:

So that’s good. If you still end up with the file on your PC – maybe your browser doesn’t catch it, or maybe you just really want some Malware for Christmas – the “postal receipt” will appear to be a Word document lurking inside a zip file.

It isn’t a Word document:

Opening the “Word document” (which is actually just an executable file in disguise) will infect your PC with a little something we detect as Trojan.Win32.Generic.pak!cobra. Before you know it, your Trojan chum will delete the original file, create hidden files and make network connections…generally not typical behaviour where a postal receipt is concerned (unless you live in the Eighth Circle of Hell).
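As an added example (not code from this post or from the Labs), here is one way a mail gateway or analyst script could inspect a zip attachment for an executable posing as a document. The post does not say how the file was disguised, so the two checks (a document extension placed before an executable one, and a PE header under a document name) are assumptions, as are the function names and the constructed sample archive.

```python
import io
import zipfile

DOC_EXTS = (".doc", ".docx", ".rtf", ".pdf")   # what the lure claims to be
EXE_EXTS = (".exe", ".scr", ".pif", ".com")    # what Windows runs on double-click

def disguised_members(zip_bytes):
    """Return {member name: [reasons]} for entries that pose as documents."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Windows ignores trailing dots and spaces in file names
            name = info.filename.lower().rstrip(" .")
            reasons = []
            # "receipt.doc.exe" or "receipt.doc      .exe"
            stem = name.rsplit(".", 1)[0].rstrip()
            if name.endswith(EXE_EXTS) and stem.endswith(DOC_EXTS):
                reasons.append("document extension placed before an executable one")
            if info.flag_bits & 0x1:
                # Password-protected entries cannot be read without the password
                reasons.append("encrypted entry, content not inspected")
            else:
                with zf.open(info) as fh:
                    magic = fh.read(2)
                # "MZ" opens every DOS/PE executable; no Word format starts with it
                if magic == b"MZ" and not name.endswith(EXE_EXTS):
                    reasons.append("PE header under a non-executable name")
            if reasons:
                findings[info.filename] = reasons
    return findings

def build_sample():
    """Constructed archive: harmless bytes, only the names and magic matter."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Postal-Receipt.doc.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("Postal-Receipt.doc", b"MZ" + b"\x00" * 62)
        zf.writestr("label.rtf", b"{\\rtf1 constructed sample}")
    return buf.getvalue()

if __name__ == "__main__":
    for member, why in disguised_members(build_sample()).items():
        print(member, "->", "; ".join(why))
```

An executable that carries only a Word icon and a plain `.exe` name passes both checks, so a gateway would normally also block executable extensions inside archives outright.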

These infection files have been linked to Ransomware, in this case something called “Wheelsof” and you may well find yourself locked out of your PC if unfortunate enough to fall for this one. A lot of these fake delivery notices are pretty convincing, but hopefully the peculiar mashup of FedEx and UPS is the kind of tip-off that’s up there with Pippin lighting the Warning Beacons of Gondor.

Christopher Boyd (Thanks to the Labs for finding this one)
