Spamvertised 'Cancellation of the package delivery' emails serving malware

Security researchers from Sophos have intercepted a currently spamvertised malware campaign, impersonating the Royal Mail office.

Security researchers from Sophos have intercepted a currently spamvertised malware campaign, impersonating the Royal Mail office.

Spamvertised subjects include:

  • Error in the delivery address No30173
  • You should come to the Royal Mail office and receive a package
  • Track your shipment No24127
  • Cancellation of the package delivery
  • Track your parcel No9782
  • A package is available for reception
  • Get your parcel No083
  • Error in the delivery address No40046009
  • Error in the delivery address No0633376
  • Delivery Problem
  • Royal Mail Delivery information

Spamvertised message:

Dear customer.A courier did not deliver the package to your address.Reason: The package is too largeInformation about your package is attached to the letter.Read all information carefully and come to the "Royal Mail" office to receive your package.Thank you for your attention.Royal Mail Service.

In this campaign, cybercriminals are enticing end users into downloading and execution a malicious .ZIP attachment currently detected as Mal/BredoZp-B and Mal/EnckPK-AAT (MD5: 6bd53a62c768f7ce8663310ed404b89c).

Users are advised not to interact with suspicious emails, or spam emails in general.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All