Yes, there are lots of web-based threats out there – but that doesn’t mean that cybercriminals have stopped abusing email systems to spread their malware.
In the past few days we’ve seen hundreds of thousands of dangerous emails posing as a “Facebook Password Reset Confirmation”, a “Contract of Settlements”, and failed deliveries from DHL, amongst others.
Today the bad guys have changed their tack – but only slightly. Rather than DHL or FedEx, they’ve switched back to UPS:
The message in the email reads:
Unfortunately we were not able to deliver postal package you send on October the 1st in time because the recipients address is not correct. Please print out the invoice cioy attached and collect the package at our office
Of course the emails, which have the subject line…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.