7 replies
Now this type of email has been doing the rounds for years, however, I was nearly fooled by it this time.

I received an email from UPS Manager Cecilia King - service@ups.com with the subject "UPS Delivery Problem NR 41199."

The email said;
Code:
Hello! 

We failed to deliver the postal package sent on the 23rd of December in time
because the recipient's address is erroneous.
Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

sav
There was a .txt file attached which presumably has a virus in it.

I was nearly fooled by it as I thought something I had ordered from America had a problem and I nearly opened the text file, luckily I didn't.

I opened the header of the email and it says it was sent from epicentersmv5@sunshineman.com, however, there doesn't appear to be an active website at the domain.

It also says that it was received from 125-237-168-218.jetstream.xtra.co.nz which presumably means this person is using Telcom in New Zealand to host their domains and send viruses/spam to people.

Should I contact them with this information or is the stuff in the headers likely to be faked also?
#email #virus #warning
  • Profile picture of the author JohnMcCabe
    Likely to be faked. Or sent from a computer infected by the same virus.

    As I understand, much of the spam sent goes out via these botnets...
    {{ DiscussionBoard.errors[1816585].message }}
  • Profile picture of the author Dennis Gaskill
    There another one I've been receiving a lot lately, and that's a phony warning about email settings being changed. Here's exactly what it says:
    Dear use of the yourdomain.com mailing service!

    We are informing you that because of the security upgrade of the mailing service your mailbox yourname(at)yourdomain.com settings were changed. In order to apply the new set of settings open attached file.

    Best regards, yourdomain.com Technical Support.
    I changed my domain to yourdomain so people don't glance at the post and mistake my real domain for the source of the virus. If you receive this scam it will use your real domain and your real email address. It comes with a "settings.zip" file attached. I imagine people are falling for the lie and opening the zip file. Don't YOU be one of them!
    Signature

    Just when you think you've got it all figured out, someone changes the rules.

    {{ DiscussionBoard.errors[1816598].message }}
    • Profile picture of the author JohnMcCabe
      Originally Posted by Dennis Gaskill View Post

      There another one I've been receiving a lot lately, and that's a phony warning about email settings being changed. Here's exactly what it says:
      Dear use of the yourdomain.com mailing service!

      We are informing you that because of the security upgrade of the mailing service your mailbox yourname (at) yourdomain.com settings were changed. In order to apply the new set of settings open attached file.

      Best regards, yourdomain.com Technical Support.
      I changed my domain to yourdomain so people don't glance at the post and mistake my real domain for the source of the virus. If you receive this scam it will use your real domain and your real email address. It comes with a "settings.zip" file attached. I imagine people are falling for the lie and opening the zip file. Don't YOU be one of them!
      Amen to that.

      I get those in bunches. I get a lot that say "the webmaster" or the "system admin" had to change the email settings. In my case, I am the webmaster, the stem admin and the hosting company. And I don't remember doing any of those changes...

      Seriously...

      If your ISP or hosting company wants you to make changes, they will ask you to log into your account and make/approve changes. Never open this type of attachment.
      {{ DiscussionBoard.errors[1816633].message }}
  • Profile picture of the author Raygun
    I cannot believe how many emails I get talking about, "You need to get back to us because your great uncle 7 times removed just died and you are his last relative! Claim your 20 Billion!" Seriously I must get about 2 of these a day.
    {{ DiscussionBoard.errors[1816622].message }}
  • Profile picture of the author Dennis Gaskill
    Pat, the attached file may not have been a text file. It could have been a file type that is typically hidden by windows unless you change your system to show hidden file types. The file may have looked like: filename.text ...but in reality may have been filename.text.vbs

    Since a vbs file is one that is hidden by default, only the filename.txt part shows.

    Note: I'm not positive .vbs is one of the hidden file types. I think it is, but if not, the point is that there are some types of file extensions that are hidden by default unless you change the settings.

    Edit: Just after posting this message, I received an email saying DHL Express Services couldn't deliver my package. Apparently they dirtbags use a variety of delivery services.
    Signature

    Just when you think you've got it all figured out, someone changes the rules.

    {{ DiscussionBoard.errors[1816669].message }}
    • Profile picture of the author JohnMcCabe
      Originally Posted by Dennis Gaskill View Post

      Edit: Just after posting this message, I received an email saying DHL Express Services couldn't deliver my package. Apparently they dirtbags use a variety of delivery services.
      Dennis, the only delivery service I haven't seen mentioned is the US Postal Service. Seems even the spammers don't want the feds involved.

      Wells-Fargo and Western Union are also popular...
      {{ DiscussionBoard.errors[1816725].message }}
    • Profile picture of the author halfpoint
      Originally Posted by Dennis Gaskill View Post

      Pat, the attached file may not have been a text file. It could have been a file type that is typically hidden by windows unless you change your system to show hidden file types. The file may have looked like: filename.text ...but in reality may have been filename.text.vbs
      Yep, I think you're right. I've heard of that before.

      Usually these types of emails stand out and just get deleted without a second thought but this one took me a few seconds to realise what was going on.

      It must be amazing how many people do actually get fooled by these on a daily basis.
      {{ DiscussionBoard.errors[1816752].message }}

Trending Topics