Oh, spam, spam, spam, and malware
This recent inbox deposit got my attention.
- Subject: UPS Delivery Problem NR.6256171
- (Visible) Sender: Manager Rosella Edwards
- (Visible) Return email: manager@ups.com
There was also a not implausible message body, considering that it is right around the time that lots of Xmas presents get shipped off to various locations.
Hello! We were not able to deliver the package you have sent on the 1st of December in time because the recipient’s address is inexact. Please print out the invoice copy attached and collect the package at our department. /S/ United Parcel Service of America.
Of course it was sent to a public ‘info’ address which is not generally used. First Flag. It contained a .zip which I was instructed to open. Second Flag. And the IP where the email was originally sent (obtained from the view headers option in my email client) pointed to a location in Silesia. And Delete.
No. I didn’t open the attachment, which likely contained some variant of a Windows executable malware that wouldn’t have affected my lovely Ubuntu system. I wasn’t that curious, but I was impressed with the social engineering involved in this particular bit of malware delivery.
Lesson? Don’t open zips from UPS reporting delivery problems. You’d be p0wned!
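The three checks described in this post (mail sent to a role address, a .zip attachment, and the originating IP read from the headers) can be scripted. This is an added example, not part of the original post. The sample message, its hosts, IPs and `invoice.zip` filename, and the role-address list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: every host, address, IP and filename here is a placeholder.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7]) by mail.example.org with ESMTP
Received: from sender-pc (unknown [203.0.113.45]) by mx.example.net with SMTP
From: Manager Rosella Edwards <manager@ups.com>
To: info@example.org
Subject: UPS Delivery Problem NR.6256171
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please print out the invoice copy attached.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="invoice.zip"

(attachment bytes omitted)
--b1--
"""

# Assumed list of public role mailboxes that rarely receive personal mail.
ROLE_LOCALPARTS = {"info", "sales", "admin", "contact", "support"}

def origin_ip(msg):
    """Return the bracketed IP from the earliest Received hop, or None."""
    # Received headers are prepended, so the last one is the earliest hop.
    # Hops not stamped by your own server can be forged: treat this as a lead.
    for hop in reversed(msg.get_all("Received", [])):
        match = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hop)
        if match:
            return match.group(1)
    return None

def triage(raw):
    """Collect the post's three flags from a raw RFC 5322 message."""
    msg = message_from_string(raw)
    rcpts = [a for _, a in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    role = [a for a in rcpts if a.split("@")[0].lower() in ROLE_LOCALPARTS]
    zips = [p.get_filename() for p in msg.walk()
            if (p.get_filename() or "").lower().endswith(".zip")]
    return {"role_recipients": role, "zip_attachments": zips, "origin_ip": origin_ip(msg)}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The attachment is only named here, never opened or extracted.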