It claims to come from UPS, the represented address is UPSBillingCenter@ups.com, it has an attached zip file named UPS_Invoice_8890001251.zip, which contains a file called Report_03102013.exe. It is also possible that the .zip file and .exe files will have slightly different numbers in their names to help defeat spam and virus filters. It is either spoofed or hacked. DON'T OPEN IT; IT IS A VIRUS!
Delete and move on with your day!
The message hails from Greenford, London, England. It looks like it was somehow routed or spoofed through Citibank; 524DC67B.901010@citibank.com. Citibank.com does not designate 46.37.50.131 as permitted sender.
Infected Virus Spam Mail Text;
This is an automatically generated email. Please do not reply to this email address.
Dear UPS Customer,
New invoice(s) are available for the consolidated payment plan(s) / account(s) enrolled in the UPS Billing Center
Please open attached file to view and pay your invoice.
________________________________________
(c) 2013 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.
Just that. SPAM and SCAMS that we've found or that have been blocked by our powerful SPAM Mail Filter. Posted here in an effort to help people avoid a grave mistake.
Tired of SPAM? We can help you stop it.
CLICK HERE NOW!
We can set up a filter for your business e-mail domain to stop garbage like this from ever reaching your inbox.
CLICK HERE NOW!
We can set up a filter for your business e-mail domain to stop garbage like this from ever reaching your inbox.
Thursday, October 3, 2013
Your UPS Invoice is Ready
Labels:
.exe,
.zip,
Attachment,
citibank.com,
england,
london,
UPS,
UPS Billing Center,
ups.com,
virus
Location:
Greenford, Greater London, UK
Subscribe to:
Post Comments (Atom)
It has been brought to my attention that the virus I posted about earlier is also disguising itself as a notification from U.S. Postal Service. Be careful, it is a nasty piece of ransomware... http://www.geek.com/apps/disk-encryptiing-cryptolocker-malware-demands-300-to-decrypt-your-files-1570402/
ReplyDelete