I received an email this morning from ups.com, as below. I was suspicious and did not get caught, but I was close to opening the zip file. Beware the email may be doing the rounds
The messages contains the text:
Unfortunately we were not able to deliver postal package you sent on December the 4th in time because the recipient’s address is not correct. Please print out the invoice copy attached and collect the package at our office
Your UPS
The messages includes an attachment ups_invoice.zip which extracts the ups_invoice.exe file. This file contains a trojan known as W32/Agent.HFN by F-Prot. We couldn?t resist to submit this file to Virus Total and to see how many signature based anti virus engine will detect this malware. This time there where only 8 of the 34 anti virus engines detecting the trojan.
