Select Page

Cyren Security Blog

UPS malware now sent via DHL!

For the 3rd day running we are seeing vast quantities of email-attached malware. Today the spoofed sender was DHL with subjects like “DHL Express Service”. The emails included standard test such as:

Dear customer.

The parcel was sent your home address.

And it will arrive within 3 business day.

More information and the tracking number are attached in document below.

Thank you.

© 1994-2011 DHL Express Services, Inc.

In their desperation to push out more malware today the senders seem to have overlooked the required filename change – the “DHL.zip” files are now carrying …… UPS.exe (as distributed in the last 2 days).

There is a clear push to build a large number of infected computers – maybe an attempted botnet rebuild following the demise of Rustock in mid-March? The graph below shows the malware portions of daily email (orange line), with large daily outbreaks clearly visible.

You might also like

LinkedIn Phish Kit

Scam Warning Back in January, LinkedIn posted a warning about connection requests from individuals impersonating employees of a legitimate organization. These requests come from newly created accounts. If someone accepts the request, the attackers will have more...