Monday 17 April 2017, Poradnik bezpieczeństwa

Beware of fake UPS Express e-mail notification

Lost24

Are you waiting for a parcel from the UPS Express courier company?

If so, be careful, because you may be the target of a cyberattack.

Experts from the Avlab have checked the authenticity of suspicious e-mail massages received lately by many network users. In comparison to the the original, the examen e-mails differed only by order number, while the IP address, content, pdf attachment, and website from which the "invoice" should be downloaded were identical.

To make it look even more credible, the messages contained the invoice number, along with the order amount.

Avlab has confirmed that the attached pdf file is not malicious, but the URL adders, redirecting to the external website, is. If the users click on the "download invoice" button, their OS system gets infected with a downloader-type virus, designed to downloads other malicious softwares. The virus is equipped with features that allow it to detect: installed anti-virus software, operating system language, running process manager, and other active windows (eg. malware analysis tools).

Even if we are expecting to receive a parcel from a courier company, we should always double check everything before clicking on the provided links or opening any attach files.