Spam Mails Spoofing Parcel Shipping Firm yet again Detected
Security experts are cautioning Internauts about hoax e-mails posing as communication from USPS (United States Postal Service) presently circulating online, published Help Net Security dated November 6, 2012.
The fake electronic mail asserts that one parcel, which the e-mail recipient sent couldn't be handed over owing to incorrect postal address. He therefore requires clicking one given web-link for taking a print out of the merchandise tag that he should then present before the local USPS branch for the mistake's correction.
The e-mail that carries the USPS sign, merchandise numbers and handing over bar-code makes it indeed appear authentic, the experts remark.
But the e-mail hasn't been sent from USPS. Its notification of unsuccessful transportation of a parcel is also not true. It's rather one effort by cyber-criminals for duping Internet-users into pulling down malicious software onto their computers
Additionally, if anybody clicks the web-link as mentioned he'll be led onto one hijacked site, which will mechanically pull down malware onto the victim's PC. Further, incase the person subsequently executes the pulled down executable it'll cause a Trojan to get planted. Like always, this Trojan will seize confidential personal information out of the contaminated PC as well as relate with the cyber-criminals-operated remote servers. Besides, people who become effectively victimized may confront even more contaminations on their computers, the specialists caution.
The bait of parcel hand-over message, meanwhile, isn't unknown. Attackers frequently utilize it while misappropriating brand names such as FedEx, DHL, UPS as also similar other firms.
It's therefore advisable that Internet-users always remain careful while handling unsolicited e-mails or likewise electronic mail attachments, no matter whether the messages seem as arriving from trustworthy entities.
Even better will be to verify any e-mail notification asserting as being sent from a parcel shipping firm, via telephone with that particular firm, prior to proceeding with any action, the experts suggest.
Eventually, cyber-criminals exploiting USPS brand through one malware-laced bulk e-mail scheme isn't new. During November 2011, a likewise e-mail outbreak was reported when GFI Software warned end-users about messages regarding an unsuccessful 'package hand-over' while they carried PDF files that, in reality, were rogue software.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 13-11-2012