Fake UPS Spam E-mails Spread Malware
Security researchers at Vietnamese security vendor BKIS (Bach Khoa Internet Security) have warned against a new series of spam emails impersonating United States Postal or UPS service. These spam e-mails target innocent netizens.
This spam e-mail comes with the subject lines "USPS Delivery Problem NR#######" (# is a random digit) and is spoofed, highlights BKIS.
The fake email informs the recipient that the UPS could not deliver the postal package sent on September 19, 2010 in time due to some mistake in the address of the package receiver. Further, the spam e-mail recipient is asked to take a print out of the attached shipment label [USPSLabel.doc] and collect the parcel from the UPS office.
To give an impression of a genuine e-mail, the spam e-mail concludes with an official signature of the USPS.
Commenting on the issue, Nguyen Van Sao, malware Researcher at BKIS, said that the Trojan dropped a file called bfky.ojo in the system32 folder and added it to the [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell] registry key to start on every system reboot, as reported by Softpedia on September 28, 2010.
BKIs also highlighted an important part of this spam e-mail campaign. To bypass users' spam filter, it contains an image file rather than a text file. BKIS further states that unfortunately, not many AVs have been able to identify the computer virus spread by the spam e-mail.
As per security experts, these types of Oficla distribution campaigns are one of the main factors for an increase in the number of e-mails enclosing malicious attachments during recent months.
The security firm suggests users to be more cautious while opening e-mail attachments from unknown senders. Besides, users are advised to be wary of e-mails with unauthenticated content to prevent incidents of malware attacks.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 06-10-2010