Another United Parcel Service (UPS) spam has been discovered and this involves emails regarding failed package deliveries due to a faulty recipient address.
The emails carry different subjects like:
The email is sent from a spoofed UPS address firstname.lastname@example.org and has the following body:
Behind the image is a URL – hxxp://www.wis-freiberg.de/JLBYAWZHRN.htm. This downloads a file named Label_Copy_UPS.zip and contains a 109 kB executable file called Label_Copy_UPS.exe.
Quick Heal successfully detects and deletes the attached file along with the installed rogueware from your machine.