Beware of Emails Bearing Gifts

Have you seen an email entitled UPS notification? Have you received an unexpected email telling you about a parcel sent your home address, when you have nothing on order? Do you feel excited at the thought of getting an unexpected gift?

Unfortunately, that is not a mysterious present in the post, but a piece of malicious software, or malware, called the UPS Notification Virus. This is an automated attempt to install a Trojan on your computer, which is a piece of software that would connect to a medium risk domain in Russia and subsequently download all manner of undesirable additions to your computer.

If you are fortunate enough to operate behind a corporate firewall and email gateway this will be intercepted by the mail scanning software, and all you will get is an email with the subject line something like: WARNING. Someone tried to send you a potential virus or unauthorized code. If you see this message you need to do nothing further; the threat has been eliminated by the software.

At home, if you have up to date anti-virus software installed, you may see the email with an additional marker like [Quarantined], or a message from the anti-virus software manufacturers indicating that the threat has been removed. In this event you need to do nothing further except keep your anti-virus software current.

However, if you access your email by a webmail client, and do not subscribe to an anti virus service, then you may see an email in your inbox with the subject of UPS notification. Preview of the email will show you something like this:

Dear customer.

The parcel was sent your home address.
And it will arrive within 3 business day.

More information and the tracking number are attached in document below.

Thank you.
© 1994-2011 United Parcel Service of America, Inc.

In this event, DELETE the email and do not attempt to open the attachment. UPS may sometimes send emails, but generally does not include attachments. If you see this email on a company computer then please additionally inform the local ICT helpdesk, to alert them so that they can investigate how the message reached you.

Remember

  • Only disclose your email address to known individuals and organizations
  • Only open email and attachments from known and trusted sources
  • If in doubt, check with your local IT department or support person if you are not sure that an email is genuine