Monday, September 26, 2011

Alert: Australia Post - Get your parcel No306. (do_not_reply.id.5133@auspost.com.au)

I’ve received a number of emails in the past week with the message Get your parcel. By coincidence these started arriving a day after Dodo said they’d send me a replacement Buddy Box for the one which didn’t work. One client fell for a UPS malware email because they received an email from UPS and were expecting a UPS parcel. If you’re expecting a parcel, receiving an email like this could easily trick you.

In this case the body of the email is very basic and unlikely to be from a large company like Australia Post.

Dear customer.

Your package has been returned to the Australia Post office.
Reason: The package is too large
Please find the attached document containing detailed information about delivery failure.
Read all information carefully and come to the "Australia Post" office to receive your package.

Thank you for attention.
Customer service.

Attached is a zip file (Attached_Document_AU18489.zip) which contains the file Attached_Document.exe. This file is an executable file but it has been designed to look like a Word document with a Microsoft Word icon. Since most people can’t see the file extension they could be easily tricked into thinking this is a Word document. Opening the file will not open a document, but instead run a program, most likely designed to infect your computer.

I use OzEfilter to check the emails at my mail server before receiving them into my computer and in this case OzEfilter showed me the email was sent from Canada. Just another piece of information which confirms this is most likely malware. Microsoft’s Security Essentials doesn’t show this file as malware. This is where you need to use common sense and not open files like this. Just delete them as soon as you receive them.

Kelvin Eldridge
www.OnlineConnections.com.au
Call 0415 910 703 if you need help with your computer
Servicing Doncaster, Templestowe, Eltham and the surrounding areas.

No comments: