Here is a malware phishing email that warns that USPS needs you to print a label. The attachment Case_nnnn.zip is an executable virus (or Trojan Horse). USPS is a real company, but this email isn’t from them. “USPS Failure Notification” is what you see, but what you are really getting is a virus if you open this link.
Sample Text of Virus
USPS.COM | Copyright 2013 USPS. All Rights Reserved.
Our companys courier couldnt make the delivery of parcel to you
address at 15th August.
Print your label and show it in the nearest post office to get a parcel.
Bogus UPS delivery notifications are often used by cybercriminals to deliver malware. However, researchers from MX Lab have come across one spam campaign that’s worth looking into.
The email’s body is simple. It reads something like this: “You have attached the invoice for your package delivery. Thank you, United Parcel Service.”
The notification comes with two files attached to it. One of them is an executable file which hides a variant of the notorious ZeuS Trojan (currently detected only by a handful of anti-malware solutions).
The other one is an .HTML file which purports to contain “Important Delivery Information.”
When users click the link that allegedly leads to an invoice, they’re taken to another page that instructs them to download and install a plugin in order to view the document.
The plugin, JavaJREInstaller.exe, is another variant of the ZeuS banking malware.
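A mail-filter style check for the attachment patterns described above (an executable inside Case_nnnn.zip, and an executable sent alongside an .HTML file). This is an added example, not code from MX Lab or the original article; the function names, file names and sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

EXEC_EXT = (".exe", ".scr", ".com", ".pif")  # run directly on Windows
HTML_EXT = (".html", ".htm")

def check_file(name, head):
    """Flag one file from its name and its first bytes."""
    hits = []
    if head[:2] == b"MZ":                    # PE/DOS magic: executable whatever it is called
        hits.append((name, "executable"))
    elif name.lower().endswith(EXEC_EXT):
        hits.append((name, "executable-extension"))
    if name.lower().endswith(HTML_EXT):
        hits.append((name, "html"))
    return hits

def scan_message(raw):
    """Return (name, reason) findings per attachment, looking one level into zips."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        hits += check_file(name, data)
        if data[:4] != b"PK\x03\x04":        # not a zip archive
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    with zf.open(info) as fh:  # read the header only, never the whole member
                        hits += check_file(f"{name}!{info.filename}", fh.read(2))
        except (zipfile.BadZipFile, RuntimeError):  # corrupt or password-protected
            hits.append((name, "unreadable-archive"))
    return hits

def build_sample():
    """Constructed message: harmless stand-in bytes, made-up file names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Case_0000.exe", b"MZ" + b"\0" * 62)
    msg = EmailMessage()
    msg["Subject"] = "USPS Failure Notification"
    msg.set_content("Print your label and show it in the nearest post office.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="Case_0000.zip")
    msg.add_attachment("<a href='#'>Important Delivery Information</a>", subtype="html", filename="delivery.html")
    return msg.as_bytes()
```

Checking the `MZ` header rather than only the file name also catches an executable that has been renamed to look like a document.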
A Couple of Things to Keep in Mind if you ever receive a suspicious email.
- Keep antivirus up to date – One of the most important things you can do to avoid phishing attacks is keep your antivirus software up-to-date because most antivirus vendors have signatures that protect against some common technology exploits. This can prevent things such as a Trojan disguising your Web address bar or mimicking an https secure link. If your antivirus software is not up-to-date, you are usually more susceptible to attacks that can hijack your Web browser and put you at risk for phishing attacks.
- Do not click on hyperlinks in e-mails – It is never a good idea to click on any hyperlink in an e-mail, especially from unknown sources. You never know where the link is going to really take you or whether it will trigger malicious code. Some hyperlinks can take you to a fake HTML page that may try to scam you into typing sensitive information. If you really want to check out the link, manually retype it into a Web browser.
- Take advantage of anti-spam software – Anti-spam software can help keep phishing attacks at a minimum. A lot of attacks come in the form of spam. By using anti-spam software such as Qurb, you can reduce many types of phishing attacks because the messages will never end up in the mailboxes of end users.
- Verify https (SSL) – Whenever you are passing sensitive information such as credit cards or bank information, make sure the address bar shows “https://” rather than just “http://” and that you have a secure lock icon at the bottom right hand corner of your Web browser. You can also double-click the lock to check the third-party SSL certificate that provides the https service. Many types of attacks are not encrypted but mimic an encrypted page. Always look to make sure the Web page is truly encrypted.
- Use anti-spyware software – Keep spyware down to a minimum by installing an active spyware solution such as Microsoft’s Windows Defender and also scanning with a passive solution such as Spybot. If for some reason your browser is hijacked, anti-spyware software can often detect the problem and provide a fix.
- Get educated – Educate yourself on how to prevent these types of attacks. A little research on the Internet may save you a great deal of pain if you are ever the victim of identity theft. You can report any suspicious activity to the FTC (in the U.S.). If you get spam that is phishing for information, forward it to firstname.lastname@example.org. You can also file a phishing complaint at www.ftc.gov. Another great resource is the FTC’s identity theft page to learn how to minimize your risk of damage from ID theft. Visit the FTC’s spam page to learn other ways to avoid e-mail scams and deal with deceptive spam.