Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fake UPS Spam E-mails Spread Malware

Security researchers at Vietnamese security vendor BKIS (Bach Khoa Internet Security) have warned against a new series of spam emails impersonating United States Postal or UPS service. These spam e-mails target innocent netizens.

This spam e-mail comes with the subject lines "USPS Delivery Problem NR#######" (# is a random digit) and is spoofed, highlights BKIS.

The fake email informs the recipient that the UPS could not deliver the postal package sent on September 19, 2010 in time due to some mistake in the address of the package receiver. Further, the spam e-mail recipient is asked to take a print out of the attached shipment label [USPSLabel.doc] and collect the parcel from the UPS office.

To give an impression of a genuine e-mail, the spam e-mail concludes with an official signature of the USPS.

According to BKIS, the spam e-mail attachment actually contains a variant of Oficla Trojan. Oficla is also called Sasfis by some security vendors. It belongs to the family of downloader-type Trojans generally used as a distribution platform for other malware; especially rogue anti-virus (AV) programs.

Commenting on the issue, Nguyen Van Sao, malware Researcher at BKIS, said that the Trojan dropped a file called bfky.ojo in the system32 folder and added it to the [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell] registry key to start on every system reboot, as reported by Softpedia on September 28, 2010.

BKIs also highlighted an important part of this spam e-mail campaign. To bypass users' spam filter, it contains an image file rather than a text file. BKIS further states that unfortunately, not many AVs have been able to identify the computer virus spread by the spam e-mail.

As per security experts, these types of Oficla distribution campaigns are one of the main factors for an increase in the number of e-mails enclosing malicious attachments during recent months.

The security firm suggests users to be more cautious while opening e-mail attachments from unknown senders. Besides, users are advised to be wary of e-mails with unauthenticated content to prevent incidents of malware attacks.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 10/6/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page