Comments on the JoshMeister on Security: UPS/USPS Scam E-mail with Oficla Trojan Attachment
Josh Long
Updated 2023-11-08T03:33:06.125-08:00

Comment by Anonymous (2013-08-28T13:42:48.014-07:00):
Just received it in 2013. cosmicrayuk

Comment by City_Citizen (2012-09-04T05:44:40.526-07:00):
This is the last one I just received; little modified.
Be careful with clicking on the open page, since not only the button is an active link, but the entire image/page.

"Unfortunately we failed to deliver........."

Comment by Josh Long (2012-07-17T08:57:13.241-07:00):
52101766-d01c-11e1-a552-000bcdca4d7a: It's highly unlikely. I haven't heard any reports about iOS malware spreading through e-mail attachments.

Still, it's a good idea to be more careful in the future.

Think it through logically:

"This e-mail claims that USPS attempted to deliver a package and it was sent to the wrong address. I don't have the package, so what good would it do for me to print a shipping label?"

Furthermore, legitimate companies will almost never send and ask you to open an attachment. That's another big red flag.

Comment by Anonymous (2012-07-17T07:33:26.895-07:00):
I received a similar email (after logging into the real USPS.com website and : Attempted delivery of package on June 27 was sent to erroneous address, please reprint shipping label. Unfortunately I opened it on my iPhone. It was a .zip file. Josh, any word if by now the virus has evolved and is infecting iPhones with .zip files, or are we still safe because iPhones cannot open them?

Comment by Josh Long (2012-06-14T08:19:01.364-07:00):
luciole2345: Not likely.

Comment by Anonymous (2012-06-14T06:26:55.204-07:00):
I've looked everywhere for an answer to this question and would very much appreciate any advice: could I be infected if all I did was open the zip file but then got wise before clicking on the .exe file? I was reading an email in Windows XP, in Pine, said yes to opening the zip file (the email claimed to be from DHL), suddenly it was showing me a .exe file to click on, at which point suddenly I woke up to what was going on.

I didn't click on the .exe file, immediately closed the window, closed the email, deleted it. Exited, restarting, about to do a scan from an Avast! disk. The only immediately odd thing was that I couldn't disable the wireless network before shutting down, which seems worrying. Other than that - my main question is: will just opening up the zip file but not having clicked on the .exe file still have infected me?

Comment by Josh Long (2012-04-30T11:22:07.677-07:00):
sittee2b: If the .exe file wouldn't open, then your Mac did not get infected.

You should strongly consider using antivirus software on your Mac, though, since Mac malware has been increasing over the past couple years. There are a couple of free antivirus products available from Sophos (http://www.sophos.com/freemacav) and Avast (http://www.avast.com/free-antivirus-mac), and Intego (http://www.intego.com/) offers a 30-day trial.

Comment by sittee2b (2012-04-30T08:14:40.314-07:00):
Apparently all my neurons aren't firing this morning because I just received this email from USPS and opened the attached zip file. I had just sent out a package and was also expecting one so I let my guard down. I am ashamed to admit that I did try to open the .exe file but it wouldn't open. I am on a Mac, so my question to you, Josh, is this. Does your response to Bt and aohl still hold true concerning Macs since this might be a more recent email virus? Will this affect my Mac at all?

I also want to thank you so much for this website and for educating lay people like me.

Comment by Leerye (2012-04-27T08:43:11.562-07:00):
I just got one; it says I've exceeded my time delivery and that I will be charged 14 something every day if I don't download the zip. So another one is out; be careful. I will not download anything.

Comment by Josh Long (2012-03-04T11:47:15.942-08:00):
Sarah: It's doubtful.

Comment by Sarah (2012-03-04T10:59:59.844-08:00):
I just got what I think was a virus email purporting to be from FedEx express services entitled "deliver error (#)." It contained a zip file entitled "fedex invoice copy" with a number after it. I unfortunately opened it on my iPhone with the "pdf expert" app. Anyone know if this will affect the iPhone?

Comment by Jiwa Nathan (2012-01-06T09:57:09.403-08:00):
I just received and accidentally opened and executed it. This afternoon
Now I find all documents, pictures and other files missing... Any idea of what the worst case damage this virus does...?

USPS Report.Exe

Comment by Josh Long (2011-12-04T15:35:53.046-08:00):
DJ: Please see my response to kevel above: http://security.thejoshmeister.com/2010/10/upsusps-scam-e-mail-with-oficla-trojan.html?showComment=1322105932011#c2258677548164224186

To everyone: As far as I know, there are not currently any versions of these UPS/USPS/FedEx/DHL/Royal Mail fraud e-mails that specifically target or can infect iOS (iPhone, iPad, iPod touch). I'm quite sure that if such a variant were to exist, we would hear about it quickly since iOS malware is almost nonexistent. Likewise, Mac malware is still much more rare than Windows malware, so even a Mac-targeting variant of this e-mail scam would probably make headlines, at least on security and tech news sites.

You can subscribe to security sites like this one (subscribe via e-mail: https://feedburner.google.com/fb/a/mailverify?uri=theJoshMeisterOnSecurity), as well as Sophos' Naked Security blog (http://nakedsecurity.sophos.com/) and Intego's Mac Security Blog (http://blog.intego.com/) to stay informed about threats targeting iOS and Mac OS X as they arise.

Comment by DJ (2011-12-04T15:14:32.684-08:00):
Hi. I stupidly unzipped the attachment to a USPS email on my iPad2 using the GoodReader App. Am I in trouble? DJ

Comment by Josh Long (2011-11-29T13:46:35.061-08:00):
aohl: Please see my response to Bt above: http://security.thejoshmeister.com/2010/10/upsusps-scam-e-mail-with-oficla-trojan.html?showComment=1287613670396#c4668898104114893405

If you want to scan your computer anyway and you don't have antivirus software on your Mac (assuming the Mac is your personal property that you use at home) I recommend installing Sophos Anti-Virus for Mac Home Edition. It's free and full-featured antivirus software from a reputable company. You can download it at http://sophos.com/freemacav

Comment by Anonymous (2011-11-29T13:38:05.793-08:00):
Just got this email on my Mac this morning and clicked open. It was a Zip but then I noticed the .exe. Deleted & deleted from trash as well - but in running the new OSX - any chance for infection? I cleared the cache/ shut down the whole computer.

Comment by kevel (2011-11-23T21:00:20.039-08:00):
So you think my iPhone wasn't infected by the virus, right? Because the zip file never launched in the first place when I clicked it. But just to make sure, I restored my iPhone's firmware back to its original settings; all my files got deleted, but at least my iPhone is clean. Thank you, Josh.

Comment by Josh Long (2011-11-23T19:38:52.011-08:00):
kevel: It's extremely doubtful. Nevertheless, I would recommend against trying to open attachments to "check them out" in the future. Whenever you get an e-mail claiming to be from a company, or even an e-mail that looks like it's from someone you know but seems a little suspicious, never open the attachment. When in doubt, you can always call the sender (using a phone number from your own records, not from the e-mail) to ask about the attachment.

Comment by kevel (2011-11-23T12:17:11.883-08:00):
Hey Josh! My girlfriend received a similar email, but it came from UPS, that looks suspicious. She then forwarded the email to me to check out if it is authentic. I was using my iPhone when I received the email and I found a zip file attached to it and clicked and tried to open it, but the iPhone cannot open/launch it, so I left it alone. I then searched the internet and found your post, so I immediately deleted the email. I was just wondering if my iPhone was infected by the virus in any way, because I am getting a bit paranoid right now. Thanks!

Comment by chinweike (2011-11-19T18:10:27.025-08:00):
It looks like they now have insider information. I would have fallen for the social engineering trick if I had not been reading a lot on phishing.

A mail was sent to me a day after someone sent me a package. It claimed that the mail could not go through due to an error in my mailing address.

It now went further to request that I should download and print the shipment label so that I could come to their office with it.

The postal service authorities need to check the integrity of their system as lots of personal information is being stolen there.

Thanks for sharing.

Chinweike

Comment by Josh Long (2011-10-17T14:09:28.486-07:00):
spaghettios2: You could try uploading the file to VirusTotal to see if any other antivirus programs detect it: http://www.virustotal.com

Comment by Anonymous (2011-10-17T13:42:56.222-07:00):
I clicked on an attachment for a similar e-mail and tried to open it but nothing happened. My e-mail provider renamed the file because it contained an executable file. I'm confused about how that works and whether or not it's possible that my computer was able to access the file anyway and become infected. I scanned it with Trend Micro and McAfee and neither of them found anything but I'm still concerned.

Comment by Diego (2011-06-15T09:41:19.447-07:00):
Thanks, Josh.

Comment by Josh Long (2011-06-15T09:22:10.756-07:00):
Diego: If you didn't open/run the .exe file, you shouldn't have a problem.

If you had double-clicked the .exe and it opened in VMware Fusion, then you'd have a problem. Based on your description, it doesn't sound like you did that.

Comment by Diego (2011-06-15T06:27:04.099-07:00):
I downloaded the UPS_documents.exe attachment onto my Mac. It appeared as a zip file which I opened, containing an .exe file which I did not open.

My question is, could it harm my computer if:
1) I only "touched" the file in MacOS
2) At the time, Windows was open on my Mac in Fusion?

In other words, could the virus somehow spread from the Mac host to the Windows one?