|
?:reviewBody
|
-
Examples: Origins: A common (and unfortunately, effective) technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity that many people commonly deal with, such as one of the large Internet auction or retailing sites, or a national bank (or other financial institution), or a major provider of a common service. That last area usually comes into play around the winter holiday season, when e-mail users experience the onset of a viruses spread through messages purporting to come from parcel delivery companies such as the United Parcel Service (UPS) or Federal Express (FedEx). The bogus messages typically inform users about packages they have supposedly sent that could not be delivered due to incorrect recipient addresses and invite them to open and print out attached invoices in order to claim the undelivered packages. The messages include file attachments with names like 'ups_invoice.zip' that actually harbor malicious executable files ('ups_invoice.exe' or the like) and display as a Microsoft Word icon to make it appear like a harmless Word document and thereby lure recipients into clicking on it. A mass mailing of this type is bound to hit quite a few people who have shipped parcels in the recent past (especially around the holidays) and therefore might easily be lured into opening the virus-launching attachment, so UPS was quick to put up (and e-mail) a warning about the malicious messages: UPS currently has the following warning on their web site about the phony e-mails: FedEx placed a similar warning on their site: A version aimed at DHL surfaced in late March 2009, prompting that company to post an alert on their web site: Yet another version (cited in the 'Examples' section above) featuring messages purportedly originating with the United States Postal Service (USPS) began circulating in September 2010, with those messages asking recipients to print out a mailing label in order to lure them into opening the enclosed attachment (USPSlabel.zip) and activating the malware contained therein. The USPS posted a warning about this version on its web site: As of March 2011, Canada Post was also warning of similar virus mailings:
(en)
|
![[This page as RDF]](http://data.gesis.org/claimskg/static/rdf-icon.gif){kind=icon}