Got this in my email, I think it is a scam, came with an attachment zip file(that I didn't open)...I didn't order anything from anyone that was shipped via, UPS...Below is the email. The seller gives you a tracking # to keep up with your order. I smell a scam??? Bill
Dear customer.
The parcel was sent your home adress.
And it will arrive within 5 days.
More information and the tracking number are attached in document below.
Thank you.
1994-2011 United Parcel Service of America, Inc.
UPS scam???
Moderator: Wiz Feinberg
-
Bill Ford
- Posts: 3862
- Joined: 13 Dec 1999 1:01 am
- Location: Graniteville SC Aiken
UPS scam???
Bill Ford S12 CLR, S12 Lamar keyless, Misc amps&toys Sharp Covers
Steeling for Jesus now!!!
Steeling for Jesus now!!!
-
Wiz Feinberg
- Posts: 6113
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
There are two incarnations of this scam. One has a link, or links spoofing UPS, or USPS, which actually go to non-related compromised websites serving, or redirecting to the BlackHole Exploit Kit. The others have an attached file, also serving the BlackHole.
The BlackHole exploit uses JavaScript to probe for out of date plug-ins to your web browser, beginning with Oracle's Java, then moving onto Adobe Flash, Adobe Reader, MS-XML and Internet Explorer versions prior to 9.0. If it finds any vulnerable version of any of the plug-ins it uses them to take over remote control of your computer.
You can learn more about this by reading my security Blog, at www.wizcrafts.net/blogs/ and searching for articles about UPS scams and BlackHole Exploit attacks.
The BlackHole exploit uses JavaScript to probe for out of date plug-ins to your web browser, beginning with Oracle's Java, then moving onto Adobe Flash, Adobe Reader, MS-XML and Internet Explorer versions prior to 9.0. If it finds any vulnerable version of any of the plug-ins it uses them to take over remote control of your computer.
You can learn more about this by reading my security Blog, at www.wizcrafts.net/blogs/ and searching for articles about UPS scams and BlackHole Exploit attacks.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
-
Erv Niehaus
- Posts: 27176
- Joined: 10 Aug 2001 12:01 am
- Location: Litchfield, MN, USA
-
Bill Ford
- Posts: 3862
- Joined: 13 Dec 1999 1:01 am
- Location: Graniteville SC Aiken
I have never received a notification of shipment from any carrier, thats what tipped me off, also the zip file with the tracking #s. Bottom line, if it don't look right, it probably is not.
Also, I have received legit looking emails in my spam folder from folks that I know, thats another tipoff..
Bill
Also, I have received legit looking emails in my spam folder from folks that I know, thats another tipoff..
Bill
Bill Ford S12 CLR, S12 Lamar keyless, Misc amps&toys Sharp Covers
Steeling for Jesus now!!!
Steeling for Jesus now!!!
-
Wiz Feinberg
- Posts: 6113
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
If you have used that PC for any online banking, PayPal, or any other financial or website purpose, check all of your accounts. The BlackHole usually drops the ZeuS banking Trojan.Erv Niehaus wrote:I got one of these a while back supposedly from FedEx
and I had quite a time getting rid of the corruption to my computer.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
