{"id":72638,"date":"2011-04-12T13:38:15","date_gmt":"2011-04-12T13:38:15","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72638"},"modified":"2011-04-12T13:38:15","modified_gmt":"2011-04-12T13:38:15","slug":"ups-malware-attachments","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/ups-malware-attachments\/","title":{"rendered":"UPS Malware attachments."},"content":{"rendered":"<p>From last few days we have seen a significant increase in the activity related to spam E-mail messages. One of cause of rise is due to malware being heavily distributed by emails as an attachment. The package delivery mails have increased.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/graph.JPG\" alt=\"\" width=\"644\" height=\"304\" \/><\/p>\n<p>The email claims itsels to be from UPS or Postal Expres courier service companies and inform users about delivery failure of postal package.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/invoice111.jpg\" alt=\"\" width=\"703\" height=\"407\" \/><\/p>\n<p>The message instructs the user to open the attached file. The attachment may contain following files.<\/p>\n<p>Invoice_Copy.zip<br \/>\nPost_Express_Label.zip<br \/>\nUPS.zip<\/p>\n<p>when the zip file extracted the user will get a exe file with an icon of a word document.<br \/>\nWhen you open the exe file, it will probably installs a Trojan and may download other malwares too.<\/p>\n<p>We have observed that all the infected emails comes with below subject lines:<\/p>\n<p>UPS Delivery Problem NR56378<br \/>\nUPS INVOICE NR9094991<br \/>\nPost Express Service. Get the parcel NR 45556<br \/>\nPost Express Delivery. You need to get a parcel NR 70536<\/p>\n<p>If you come across such E-mails do not open the attachment. Instead delete them and keep your Antivirus updated.<br \/>\nQuick Heal detects the malicious attached file as TrojanDownloader.Dofoil.d<\/p>\n<p>Thanks Santosh for the analysis report.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>From last few days we have seen a significant increase in the activity related to spam E-mail messages. One of cause of rise is due to malware being heavily distributed by emails as an attachment. The package delivery mails have increased. The email claims itsels to be from UPS or Postal Expres courier service companies [&hellip;]<\/p>\n","protected":false},"author":22,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-72638","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72638"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/22"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72638"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72638\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}