Quote:
Originally Posted by SiliconJon Attention Virus Warning
There's an email going around claiming to be from UPS that is not. It claims a package delivery failure and asks the recipient to open the attached waybill, which is the actual viral payload.
Does anyone have any exact details of this email's current structure? I've found one person who said the subject was "UPS Tracking Number ....." - If anyone has any more details regarding this email I would appreciate it. |
This is what I just received, I thought it was a bit suss and glad I did a bit of research before opening the attachment.
Return-Path: <jjvv@blem.com>
Received: from nskntingx05p.mx.bigpond.com ([216.212.61.154])
by nskntmtas05p.mx.bigpond.com with ESMTP
id <20080722130507.UARA16527.nskntmtas05p.mx.bigpond. com@nskntingx05p.mx.bigpond.com>;
Tue, 22 Jul 2008 13:05:07 +0000
Received: from host61-154.birch.net ([216.212.61.154])
by nskntingx05p.mx.bigpond.com with ESMTP
id <20080722130504.TXCI2223.nskntingx05p.mx.bigpond.c om@host61-154.birch.net>;
Tue, 22 Jul 2008 13:05:04 +0000
Received: from [216.212.61.154] by vmx0.viatel.net; Tue, 22 Jul 2008 07:05:04 -0600
Message-ID: <01c8ebc9$43e39000$9a3dd4d8@jjvv>
From: "United Parcel Service" <jjvv@blem.com>
To: <shantidwyer@bigpond.com>
Subject: UPS Tracking Number 3897844287
Date: Tue, 22 Jul 2008 07:05:04 -0600
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_01C8EBC9.43E39000"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.72.2106.4
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4
X-RPD-ScanID: Class bulk; VirusThreatLevel high, RefID str=0001.0A150202.488542CC.0004,ss=3,sh,vtr=0001.0 A150204.488518F4.0081,vl=2,vh,fgs=0
X-Antivirus: AVG for E-mail 8.0.138 [270.5.3/1565]
This is a multi-part message in MIME format.
------=_NextPart_000_0006_01C8EBC9.43E39000
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Unfortunately we were not able to deliver postal package you sent on July the 1st in time
because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office
Your UPS
No virus found in this incoming message.
Checked by AVG -
AVG Anti-Virus and Internet Security - Real-time protection against viruses, spyware and malicious websites
Version: 8.0.138 / Virus Database: 270.5.3/1565 - Release Date: 7/21/2008 6:36 PM
------=_NextPart_000_0006_01C8EBC9.43E39000
Content-Type: application/zip;
name="UPS_INVOICE_978172.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="UPS_INVOICE_978172.zip"