Koi Hosting
Minimal Private Shared Web Hosting

Dangerous UPS e-Mail Scam


Updated: Wed, 20 Nov 2013

A UPS scam, where victims are lured into clicking a download link, is sweeping through inboxes. It's happening right now but the lesson it teaches us is good for all time. If you've ever received a package via the parcel company -- and most of us have -- you might be tempted to take seriously an email that seems to come from them, saying they have a package for you.

It is IMPORTANT to note that the SCAM is NOT coming from, or associated with, UPS!

But what if that email also asks you to open an attachment, that appears to be a Microsoft Word document? Would you be suspicious? Would you click on it?

Hopefully not.

But hundreds, maybe thousands, of people have done just that, only to discover, if they're lucky, the whole thing is a scam and that clicking on the attachment downloads a virus onto their PC. (This does not affect Mac users.)

We say "if they're lucky" because, if you don't make the discovery, the virus will just sit there doing its evil work -- reading your files, including confidential information, then transmitting the details to a server somewhere in Russia.

At least if you know it's there, you can do something about it.

It's not a virus, it's a Trojan.

Actually, this UPS scam malware is not a virus but a Trojan -- the difference being that a virus replicates itself and sends itself to other computers, whereas a Trojan must be sent out by someone (usually in a spammed message) and then actually be installed by the victim.

However, that doesn't make it any less lethal once it hits your machine.

So far, there seem to be two main variations of the offending spammed email -- both looking like a genuine notification.

The first one tells you the parcel service tried but was unable to deliver a package to you due to their having an incorrect address. The subject heading usually has a phony tracking number. The attachment is supposedly a copy of a waybill or invoice for you to print and use to collect the parcel from a UPS office.

The second is a customs notification and may even seem to come from "US Customs Service" rather than UPS. It says you have an international package (usually from France) and that you need to complete the attached customs form so it can be delivered.

In both this and the UPS scam, the attachment is a compressed ZIP file (that is, one with a name that ends in ".zip"), even though the icon may look like a Word document. As soon as you double click on it, you're doomed.

It installs a downloading program that then fetches and installs at least two more files on your system. These may disable your firewall, look for and steal credit card and bank account details, make screen snapshots and allow hackers continued access to your machine.
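A defender-side check for the disguised attachment described above, added here as an example and not taken from the article or from UPS: it inspects each attachment's content rather than its name or icon and reports ZIP archives that contain a program. The extension list, the sample file names and the sender address are assumptions constructed for the example.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions that run code when double-clicked on Windows (assumed list, not from the article).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def triage_attachments(raw_message: bytes) -> list:
    """Return one finding per executable hidden inside a ZIP attachment."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        # Trust the bytes, not the name or icon: a ZIP archive starts with "PK\x03\x04".
        if not data.startswith(b"PK\x03\x04"):
            continue
        try:
            members = zipfile.ZipFile(io.BytesIO(data)).namelist()
        except zipfile.BadZipFile:
            findings.append(f"{name}: unreadable ZIP archive")
            continue
        for member in members:
            if os.path.splitext(member)[1].lower() in EXECUTABLE_EXTS:
                findings.append(f"{name}: contains executable {member}")
    return findings

def build_sample() -> bytes:
    """Constructed sample message; the ZIP holds harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("UPS_invoice.doc.exe", b"placeholder, not a real program")
    msg = EmailMessage()
    msg["From"] = "notification@example.invalid"
    msg["Subject"] = "UPS Tracking Number 0000000000 (constructed)"
    msg.set_content("We were unable to deliver your package. See attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="UPS_invoice.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in triage_attachments(build_sample()):
        print(finding)
```

The check only lists archive member names and never extracts or opens them, so it is safe to run on a quarantined message.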

UPS has issued a warning telling customers not to click the attachment. The firm also points out that although it sometimes does send out email notifications, it rarely uses attachments.

Similarly, US Customs says it normally contacts people by letter rather than email.

Action: One of the worrying aspects of the UPS scam was that, at first, most Internet security software failed to spot the Trojan and allowed it to install. Subsequently, the vendors all issued virus definition updates so, if your program is up to date, you should be OK.

If you do get the email, delete it. It shouldn't harm you, provided you don't click the attachment.

Of course, this attack underlines the danger of ever clicking on an attached file, even if it appears to come from a person or organization you know or frequently deal with.

You just can't be sure. And, although it may take a little more time, it's relatively easy to check out how genuine an attachment is by contacting the sender by phone or email (keying in their email address yourself rather than hitting the 'reply' button!).

In the case of the UPS scam, so many people are regular users of UPS they allowed this familiarity to cloud their judgment and clicked on the link.

If your machine does become infected, disable system restore, boot your computer into safe mode, update your virus definitions and then run a full system scan.

If you're not sure how to do this, check your operating system and security software documents. If you don't have security software installed -- now is the time!

