madison

Zero Day

Ryan Naraine and Dancho Danchev
Home / News & Blogs / Zero Day

Spamvertised Post Office Express Mail (USPS) emails lead to malware

By | March 25, 2011, 9:23am PDT

Summary: A currently spamvertised malware campaign is brand-jacking the USPS in an attempt to trick users into downloading and executing a malicious file.

A currently spamvertised malware campaign is brand-jacking the USPS in an attempt to trick users into downloading and executing a malicious file.

Sample subject: Post Express Information. Your package is available for pick up. NR[random number]

Sample attachment: Post_Express_Label_ID_[random number].zip; Post_Express_Label.exe

Sample message: Dear client Email notice number.[random number]. Your package has been returned to the Post Express office. The reason of the return is “Error in the delivery address” Important message! Attached to the letter mailing label contains the details of the package delivery. You have to print mailing label, and come in the Post Express office in order to receive the packages! Thank you for using our services. Post Express Support.

Users are advised to avoid interacting with suspicious file attachments.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Malware, U.S. Postal Service, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Disclosure

Dancho Danchev

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Biography

Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis. More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

Talkback Most Recent of 9 Talkback(s)

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources