| Author |
Message |
joe-tele ( 20)
Forum legend
Joined: 22 Sep 2004
Posts: 1543
United Kingdom
Gloucester, land of cameltoe jogging bottoms
| | Posted: Wed 13 Aug 2008 9:24 | |
Hi guys, just to give you a heads-up re a couple of emails from 'UPS' and 'Fedex' I've received recently...
A Widespread, Convincing and Dangerous UPS Scam
A UPS scam, where victims are lured into clicking a download link, is sweeping through inboxes. It's happening right now but the lesson it teaches us is good for all time.
If you've ever received a package via the parcel company -- and most of us have -- you might be tempted to take seriously an email that seems to come from them, saying they have a package for you.
But what if that email also asks you to open an attachment, that appears to be a Microsoft Word document? Would you be suspicious? Would you click on it?
Hopefully not.
But hundreds, maybe thousands, of people have done just that, only to discover, if they're lucky, the whole thing is a scam and that clicking on the attachment downloads a virus onto their PC. (This does not affect Mac users.)
We say "if you're lucky" to make the discovery because, if you don't, the virus will just sit there doing its evil work -- reading your files, including confidential information, then transmitting the details to a server somewhere in Russia.
At least if you know it's there, you can do something about it.
Actually, this UPS scam malware is not a virus but a Trojan -- the difference being that a virus replicates itself and sends itself to other computers, whereas a Trojan must be sent out by someone (usually in a spammed message) and then actually be installed by the victim.
However, that doesn't make it any less lethal once it hits your machine.
So far, there seem to be two main variations of the offending spammed email -- both looking like a genuine notification.
The first one tells you the parcel service tried but was unable to deliver a package to you due to their having an incorrect address. The subject heading usually has a phony tracking number. The attachment is supposedly a copy of a waybill or invoice for you to print and use to collect the parcel from a UPS office.
The second is a customs notification and may even seem to come from "US Customs Service" rather than UPS. It says you have an international package (usually from France) and that you need to complete the attached customs form so it can be delivered.
In both this and the UPS scam, the attachment is a compressed ZIP file (that is, one with a name that ends in ".zip" , even though the icon may look like a Word document. As soon as you double click on it, you're doomed.
It installs a downloading program that then fetches and installs at least two more files on your system. These may disable your firewall, look for and steal credit card and bank account details, make screen snapshots and allow hackers continued access to your machine.
UPS has issued a warning telling customers not to click the attachment. The firm also points out that although it sometimes does send out email notifications, it rarely uses attachments. You can read the entire message from UPS on their site.
Similarly, US Customs says it normally contacts people by letter rather than email.
Action: One of the worrying aspects of the UPS scam was that, at first, most Internet security software failed to spot the Trojan and allowed it to install. Subsequently, they all issued virus definition updates so, if your program is up to date, you should be OK.
If you do get the email, delete it. It shouldn't harm you, provided you don't click the attachment.
Of course, this attack underlines the danger of ever clicking on an attached file, even if it appears to come from a person or organization you know or frequently deal with.
You just can't be sure. And, although it may take a little more time, it's relatively easy to check out how genuine an attachment is by contacting the sender by phone or email (keying in their email address yourself rather than hitting the 'reply' button!).
In the case of the UPS scam, so many people are regular users of UPS they allowed this familiarity to cloud their judgment and clicked on the link.
If your machine does become infected, disable system restore, boot your computer into safe mode, update your virus definitions and then run a full system scan.
If you're not sure how to do this, check your operating system and security software documents. If you don't have security software installed -- now is the time!
|
|
stevestory (  15)
Moderator
Gold Member
Joined: 01 Jul 2005
Posts: 2264
United Kingdom
Southend-on-sea
| | Posted: Wed 13 Aug 2008 11:31 | |
Its good being a Mac user
|
|
joe-tele (20)
Forum legend
Joined: 22 Sep 2004
Posts: 1543
United Kingdom
Gloucester, land of cameltoe jogging bottoms
| | Posted: Wed 13 Aug 2008 11:35 | |
Yeah the first one I got, I checked on my folk's mac before realising what it was (they must attack ebay sellers!). The all the ones I've checked since on windows pcs have been instantly deleted
|
|
davedarlo (12)
Forum legend
Joined: 06 May 2006
Posts: 537
United Kingdom
Darlington
| | Posted: Wed 13 Aug 2008 20:04 | |
Is it good having bat radar tele? is it ? is it? suits you sir
Assumption is the mother of all fcuk ups |
|
joe-tele (20)
Forum legend
Joined: 22 Sep 2004
Posts: 1543
United Kingdom
Gloucester, land of cameltoe jogging bottoms
| | Posted: Wed 13 Aug 2008 20:19 | |
I believe it's called 'sonar' and in my new movie you get to see it in action
|
|
Gilmour1978 (8)
True muso
Joined: 11 Dec 2007
Posts: 446
United Kingdom
Warrington
| | Posted: Mon 18 Aug 2008 0:31 | |
Here's a lovely e-mail I just received.... I can't believe my financial lucky stars (Ahem!)
------------------------------------------------------------------------------------------------ -----------------------
Compliment Of The Day
It is understandable that you might be a little bit apprehensive because
you do not know me but I have a lucrative business proposal of mutual
benefits to share with you.
Let me start by introducing myself. I am Mr. Chen Guangyuan operations
manager of the Bank of China (Hong Kong), Eastern Commercial Centre, 393-407
Hennessy Road, Wan Chai, HongKong. I have an obscured Business suggestion
for you.
In June, 2001, my late client Ghazi Musa Hassan, an Iraqi Crude oil
merchant made a numbered fixed deposit of Twenty-one million Five Hundred
Thousand United State Dollars (US$21,500,000.00) only in my branch. Upon
maturity several notice was sent to him, even during the war (U.S invasion
of Iraq), Five years ago (2003). Again after the war another notification
was sent and still no response came from him. We later found out that Ghazi
Musa Hassan, and his family had been killed during the war in a bomb blast
that hit his home at Mukaradeeb where is personal oil well was:
After further investigation it was also discovered that Ghazi Musa Hassan
did not declare any next of kin in his official papers including the paper
work of his bank deposit and he also confided in me the last time he was in
my office that no one except me knew of his deposit in my bank. So,
Twenty-one million five Hundred Thousand United State Dollars is still lying
in my bank and no one will ever come forward to claim it. What bothers me
most is that according to the laws of my country at the expiration of seven
{7} years the funds will revert to the ownership of the Hong Kong Government
if nobody applies to claim the funds.
Against this backdrop, my suggestion to you is that I will like you as a
foreigner to stand as the next of kin to Ghazi Musa Hassan so that you will
be able to receive the funds.
MODALITIES:
I want you to know that I have had everything planned out so that we shall
come out successful. I have an attorney that will prepare the necessary
document that will back you up as the next of kin to Ghazi Musa Hassan, all
that is required from you is to provide me with your Full Names and Address
so that the attorney can commence his job. After you have been made the next
of kin, the attorney will also fill in for claims on your behalf and secure
the necessary approval and letter of probate in your favor for the movement
of the funds to an account that will be provided by you. We are going to
adopt a legalized method and the attorney will prepare all the necessary
documents in your favor.
There is a reward for this project and it is a task well worth undertaking.
There is no risk involved at all in this transaction, I have evaluated the
risks and the only risk I have here is for you refusing to work with me and
alerting my bank. I am the only one who knows of this situation, good
fortune has blessed you with a name that has planted you into the center of
relevance in my life. Please endeavor to observe utmost discretion in all
matters concerning this issue. Once the funds have been transferred to your
nominated bank account we shall share in the ratio of 60% for me, 10% for
legal and other miscellaneous expenses and 30% for you but this can be
subjected to further negotiations. I send you this mail not without a
measure of fear as to what the consequences, but I know within me that
nothing ventured is nothing gained and that success and riches never come
easy or on a platter of gold. Please observe this instruction religiously.
Should you be interested please send me your,
1, Full names,
2, Private phone number (s),
3, Current contact address,
And I will prefer you reach me on my private email address:
(Removed for obvious reasons!) and finally after that I shall furnish you with more
information's about this operation. Your earliest response to this letter
will be appreciated.
Kind Regards,
Lin Yongze.
------------------------------------------------------------------------------------------------ -----------------------
------------------------------------------------------------------------------------------------ -------------------------------------------------------------------
Wow.... Really!?....30% of Twenty-one million five Hundred Thousand United State Dollars for me? And all I have to do is e-mail my phone number, name and address?! Who'd of thought making that amount of cash was so easy?!
Jeez!!
-------------------------------------
Edited: Mon 18 Aug 2008 1:33
| | Listen to my music: |
|
Get the Flash Player to see this player.
|
|
joe-tele (20)
Forum legend
Joined: 22 Sep 2004
Posts: 1543
United Kingdom
Gloucester, land of cameltoe jogging bottoms
| | Posted: Mon 18 Aug 2008 9:02 | |
Yeah, I've had loads like that! Plus a guy/gal who veers between John and Joan Cummuta keeps telling me my debts could make me rich! (I wasn't aware I had any...)
And then emails from Barclays, Abbey, Nationwide and Lloyds telling me they're performing a security check/are missing data and need me to complete my banking details on a form and email it back to them! Surely my bank should know my account details...?
|
|
stevestory (15)
Moderator
Gold Member
Joined: 01 Jul 2005
Posts: 2264
United Kingdom
Southend-on-sea
| | Posted: Mon 18 Aug 2008 11:20 | |
It is understandable that you might be a little bit apprehensive because
you do not know me but I have a lucrative business proposal of mutual
benefits to share with you.
Let me start by introducing myself....
There you go, It's all there in the intro and sounds totally above board! Send your credit card details and divulge all your personal info asap! lol
|
|
Gilmour1978 (8)
True muso
Joined: 11 Dec 2007
Posts: 446
United Kingdom
Warrington
| | Posted: Mon 18 Aug 2008 17:39 | |
It's the "Compliment of the day" bit I liked. What's the compliment? really they're saying "Dear potential thick fu*ker, we do hope all six of your brain cells are turned to the off position whilst we attempt to fleece the feck out of you!"
------------------------------------------------------------------------------------------------ ---------------------------------
www.myspace.com/mikegarvey78
| | Listen to my music: |
|
Get the Flash Player to see this player.
|
|
