Claim your undelivered package…hmm malware

As if malicious emails promising freebies are not enough, some scamsters have hit upon using unclaimed parcels as a bait for sending malwares (viruses, worms and trojans) through emails. I received one such email stating that the parcel I sent could not be delivered and I had to collect from their department by printing the attached invoice. Coincidentally, I had indeed sent one parcel but later realised that it was through a different vendor and just for the heck of it went through the email.

As expected the email was indeed a malware carrier. Though the FROM address looked genuine, it had the patterns of a spoofed email id and this was confirmed when my email virus scanner detected the message attachment as having a virus.

The email states that:

 


“Unfortunately we were not able to deliver the package you have sent on the 19th in time because the recipient’s address is wrong.Please print out the invoice copy attached and collect at our dept”

 

 

 

From Snapshot of the spoofed email

In this case it has spoofed the email address of one of the renowned courier company.

I am beginning to think what if the database of the courier companies was compromised and indeed these scamsters started to send such emails to the genuine users. On one hand I believe the layered defense mechanism would stop it, what if the user disabled their AV (believe me I have seem some users do that)….

Ensuring your system of the following must keep your system in good stead:

– Antivirus with latest virus definitions.

-Personal Firewall

-Up-to-date with Operating System patches*

* It doesn’t matter if you have an AV and Firewall, but if its not up-to-date with Operating System patches, that’s sufficient to get your system infected and most of the people seem to overlook this.