Parcel schemes designed to spread pieces of malware don’t target only FedEx or USPS customers. Experts have found that German speaking internauts may also receive dangerous delivery failure notices.
The emails purport to come from Deutsche Post – the world’s largest courier company – and inform the recipient (in German) that a package couldn’t be delivered, MX Labs researchers
report.
Users are directed to the attached file for more information. As in all scams that involve courier firms, the attachment, Postetikett_Deutsche_Post_AG_ DE355-35.zip, contains a file called
Postetikett_Deutsche_Post_AG_ DE355-35.exe.
This executable is actually a Trojan identified as
Win32/Kryptik.AILV (ESET),
W32/Falab.G8.gen!Eldorado (F-Prot) or
Trj/Genetic.gen (Panda). Unfortunately, at press time only these security solutions providers and GFI detect the file as being a piece of malware.
Here’s how part of the message, allegedly coming from
postzustellung@deutschepost.de, looks like:
Lieber Kunde,
Es ist unserem Boten leider misslungen einen Postsendung an Ihre Adresse zuzustellen.
Grund: Ein Fehler in der Leiferanschrift.
Sie konnen Ihre Postsendung in unserer Postabteilung personlich kriegen.
Anbei finden Sie einen Postetikett.
Vielen Dank!
Deutsche Post AG.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
