The emails, titled “Your UPS Invoice is Ready” have spoofed headers to make it appear as though it came from a ups.com email address and urge the user to download the attached file to view and pay their new UPS invoice.
From: UPSBilling (RosannahColleen4g@ups.com)
Subject: Your UPS Invoice is Ready
This is an automatically generated email. Please do not reply to this email address.
Dear UPS Customer,
New invoice(s) are available for the consolidated payment plan(s) / account(s) enrolled in the UPS Billing Center
Please view UPS Billing Center attach document to view and pay your invoice.
(c) 2012 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.
This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.
Don't be fooled, though. The attached file (“UPS document.zip”) contains a variant of the Win32/Injector.XYG Trojan, not a copy of your UPS invoice. So do NOT download or open it!
Instead, it is recommended that you:
- Report the email to UPS by forwarding the email and its full headers to firstname.lastname@example.org.
- Delete the email immediately.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.