Multiple versions of "Invoice" or UPS delivery notices have been received, linked to malware aimed at stealing financial information.
Example messages:
From: UPS.com <some.name @some.domain.org>
Date: Mon, Nov 13, 2017 at 7:15 AM
Subject: UPS Ship Notification, Tracking Number 0IT41910520287451
To:
You have a parcel coming.
The physical parcel may or may not have actually been tendered to UPS for shipment.
Current status of the delivery is available here.
Scheduled Delivery Date: Monday, 11/13/2017
Shipment Details
From: eBook on Leukemia: Causes, Symptoms & Treatment
Tracking Number: 0IT41910520287451
Number of Packages: 8
Thank you for your business.
__________________
From: Some Name < some different email@someplace.com>Date: Fri, Nov 17, 2017 at 12:02 PMSubject: Invoice number 00744297 issueTo:
HI,
This is your invoice dated 17 Nov 17. If you have questions or concerns, just let me know at 01382 844946.
http://xxxx .yyy/New-invoice-3498177/
Yours Truly,Some Name
Things to Note:
- The name in the "From:" field usually does not match the email address
- In some cases the "sender" name IS known to the recipient (though it is NOT from their email)
- The URL addresses have been in multiple countries, none of them apparently related to UPS or the purported business
Actions
- Do not download (and open) unexpected "invoices"
- If you have downloaded and opened this malware - contact your tech support immediately to assess and determine next steps
- Report and forward any such mail to phishing@umn.edu
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.