{"id":74134,"date":"2012-05-15T11:37:49","date_gmt":"2012-05-15T11:37:49","guid":{"rendered":"https:\/\/blogs.quickheal.com\/?p=74134"},"modified":"2012-05-15T11:37:49","modified_gmt":"2012-05-15T11:37:49","slug":"rougeware-data-recovery-through-fake-usps-email","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/rougeware-data-recovery-through-fake-usps-email\/","title":{"rendered":"Rougeware “Data Recovery” through Fake USPS email"},"content":{"rendered":"

A few days backs I posted a blog<\/a> regarding fake USPS (United States Postal Service) emails. Today I have once again come across a similar sort of fake email which pretends to be from USPS with the subject: “Your postal label is available.”<\/p>\n

\"Fake<\/a><\/p>\n

The mail states that USPS failed to deliver the product to the mentioned address so you have to personally visit the nearest USPS office to collect the parcel. The required information\u00a0regarding\u00a0the parcel is attached with the mail.\u00a0Allegedly, there were many other examples of such fictitious emails from USPS. Some users may mistakenly view this email as genuine. Indeed, it does look quite authentic.<\/p>\n

The attachment contains an executable file which belongs to the TrojanDownloader.Kuluoz<\/strong> family and has a PDF file icon. When anyone mistakenly executes this file, it downloads other malware which may be keyloggers, backdoors or some other Trojans. In my case, it downloaded and installed a rogueware named Data Recovery<\/strong>.<\/p>\n

\"Data<\/a><\/p>\n

 <\/p>\n

\"Activate<\/a><\/p>\n

Quick Heal<\/a>\u00a0successfully detects and deletes the attached file and the installed rogueware.<\/p>\n","protected":false},"excerpt":{"rendered":"

A few days backs I posted a blog regarding fake USPS (United States Postal Service) emails. Today I have once again come across a similar sort of fake email which pretends to be from USPS with the subject: “Your postal label is available.” The mail states that USPS failed to deliver the product to the […]<\/p>\n","protected":false},"author":22,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,24],"tags":[22,23,26,40,104],"class_list":["post-74134","post","type-post","status-publish","format-standard","hentry","category-email","category-malware","tag-email-malware","tag-fraudulent-email","tag-rogueware","tag-trojan","tag-usps"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/74134"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/22"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=74134"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/74134\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=74134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=74134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=74134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}