Webroot researchers warn that spammers are up to their old tricks and are widely-spamming out fraudulent UPS notices to drive users to malicious websites serving malware.
Here’s a copy of the email currently being sent out:
UPS – Your UPS Team
Dear Client, DELIVERY CONFIRMATION: FAILED
Track your Shipment now!
Pack it. Ship ip. No calculating , Your UPS Team.
According to Webroot, recipients that click on a link within the email will be taken to a third-party website hosting the infamous BlackHole exploit kit, which will attempt to exploit system vulnerabilities in order to plant malware on the visiting machine.
What to Do with UPS Spam
If you receive an email similar to the one below, it is strongly recommended that you:
- Do NOT click on any hyperlinks within the email.
- Report the email to UPS by forwarding it to firstname.lastname@example.org (be sure to include the full headers).
- Delete the email immediately.