The fraudulent email has the subject "UPS packet N3621583925", and claims that a package sent by you could not be delivered due to an incorrect shipping address. Attached is a .zip file that contains a virus disguised a Microsoft Word document with names like "UPS_invoice". Once opened, the virus attacks the Microsoft Windows operating system and Microsoft Internet Explorer web browser.
UPS has sent an official email warning customers:
We have become aware there is a fraudulent e-mail being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up. This e-mail attachment contains a virus. We recommend that you do not open the attachment, but delete the e-mail immediately.
Always be careful when receiving suspicious emails that instruct you to open attachments--email attachment is one of the most popular ways to spread malware. If you receive an email from UPS and you're curious about its authenticity, please contact customerservice@ups.com.
Source: ars technica
