Fake USPS Email is a Triple Threat

USPS Phishing Attack Spreading Like Wildfire

A new phishing attack is spreading around the nation.  Graham Cluley reported, the email being distributed is a fake USPS email which claims the victims have a package that needs to be picked up.  The email states they must review the “shipping label” and schedule a pick-up time by downloading the “attachment”.

Picture Courtesy of Graham Cluley

In reality, the attachment is malicious and includes three different kind of executable malware that hackers are using to get all of the data they want.  First, upon downloading the malicious attachment, malware is installed to obtain remote access of the PC.  The second malware scours the computer for any personal information that can be profitable for the hackers.  The last malware variant reviews the PC to ensure no critical pieces of data were missed.

Avoiding These Attacks

If you have a real-time security solution, that includes application whitelisting technology, these attacks would be stopped.  When the above malware variants would attempt to execute, they would be compared to the whitelist.  Since they are not a safe file, they would not run.

However, instead of solely relying on your security solution, it is also encouraged PC users implement best practices when it comes to downloadable attachments.

  1. Always think before you click.  In this case, are you expecting a package?  If not, it’s probably best not to click it.
  2. If you are suspicious, do NOT click on anything.  Instead, call the party the email is from.  In this case, call your post office to inquire about this package.
  3. Look at the “from” email address in the email image above.  It is not a USPS email — major give away that it is a scam.
  4. The reply-to address is not in the above image, but checking that is important too.  Often times hackers will do a good job of making the “from” address look legitimate (obviously not in this case), but fail to change the reply-to address to look legitimate.

(Visited 360 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *