Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Fake UPS Spam E-mails Spread Malware

Security researchers at Vietnamese security vendor BKIS (Bach Khoa Internet Security) have warned against a new series of spam emails impersonating United States Postal or UPS service. These spam e-mails target innocent netizens.

This spam e-mail comes with the subject lines "USPS Delivery Problem NR#######" (# is a random digit) and is spoofed, highlights BKIS.

The fake email informs the recipient that the UPS could not deliver the postal package sent on September 19, 2010 in time due to some mistake in the address of the package receiver. Further, the spam e-mail recipient is asked to take a print out of the attached shipment label [USPSLabel.doc] and collect the parcel from the UPS office.

To give an impression of a genuine e-mail, the spam e-mail concludes with an official signature of the USPS.

According to BKIS, the spam e-mail attachment actually contains a variant of Oficla Trojan. Oficla is also called Sasfis by some security vendors. It belongs to the family of downloader-type Trojans generally used as a distribution platform for other malware; especially rogue anti-virus (AV) programs.

Commenting on the issue, Nguyen Van Sao, malware Researcher at BKIS, said that the Trojan dropped a file called bfky.ojo in the system32 folder and added it to the [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell] registry key to start on every system reboot, as reported by Softpedia on September 28, 2010.

BKIs also highlighted an important part of this spam e-mail campaign. To bypass users' spam filter, it contains an image file rather than a text file. BKIS further states that unfortunately, not many AVs have been able to identify the computer virus spread by the spam e-mail.

As per security experts, these types of Oficla distribution campaigns are one of the main factors for an increase in the number of e-mails enclosing malicious attachments during recent months.

The security firm suggests users to be more cautious while opening e-mail attachments from unknown senders. Besides, users are advised to be wary of e-mails with unauthenticated content to prevent incidents of malware attacks.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 10/6/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Press Releases - IT Security News

Go back to previous page
Next
-->

Products

SPAMfighter
SLOW-PCfighter
FULL-DISKfighter
DRIVERfighter
VIRUSfighter
SPYWAREfighter
Anti spam / Anti virus business solutions

About

Company
Contact us
Press room
Support
Blog
Sign up for newsletters

Partnerships

Become a partner
Become a reseller
Find a reseller
Become an affiliate
White Label Software

Social media

Facebook
Twitter
Youtube
LinkedIn
© SPAMfighter 2003-2024    All rights reserved.    Privacy Statement    Sitemap