Only a handful of antivirus engines flag the file as malicious

Jul 16, 2012 13:18 GMT

Parcel-themed schemes designed to spread malware don’t target only FedEx or USPS customers. Experts have found that German-speaking internet users may also receive dangerous delivery failure notices.

The emails purport to come from Deutsche Post – the world’s largest courier company – and inform the recipient (in German) that a package couldn’t be delivered, MX Labs researchers report.

Users are directed to the attached file for more information. As in all scams that involve courier firms, the attachment, Postetikett_Deutsche_Post_AG_ DE355-35.zip, contains a file called Postetikett_Deutsche_Post_AG_ DE355-35.exe.

This executable is actually a Trojan identified as Win32/Kryptik.AILV (ESET), W32/Falab.G8.gen!Eldorado (F-Prot) or Trj/Genetic.gen (Panda). Unfortunately, at press time only these security solutions providers and GFI detected the file as malware.

Here’s what part of the message, allegedly coming from [email protected], looks like:

Dear customer,

Unfortunately, our courier was unable to deliver a parcel to your address. Reason: an error in the delivery address.

You can collect your parcel in person at our postal department. Please find a postal label attached.

Thank you! Deutsche Post AG.
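
Because so few engines recognised the file by signature, the attachment layout described above (a ZIP that carries an .exe) is worth checking structurally at the mail gateway. The following Python check is an added example, not code from the article or the researchers it cites; the extension list, the function names and the constructed sample message are assumptions.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs on double-click (illustrative list, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs"}

def risky_zip_members(raw_email: bytes) -> list[tuple[str, str]]:
    """Return (attachment, member) pairs for executables inside ZIP attachments."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        label = part.get_filename() or "<unnamed>"
        # Trust the ZIP magic bytes, not the filename or declared MIME type.
        if not data.startswith(b"PK\x03\x04"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for name in zf.namelist():
                    # Only the final extension matters, so "label.pdf.exe" is caught too.
                    if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
                        hits.append((label, name))
        except zipfile.BadZipFile:
            # Unparseable archive: report it rather than letting it through.
            hits.append((label, "<unreadable archive>"))
    return hits

def build_sample(member: str = "Postetikett_Deutsche_Post_AG_ DE355-35.exe") -> bytes:
    """Constructed message: a ZIP holding a harmless placeholder with the given name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"placeholder bytes, not a program")
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "recipient@example.invalid"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Constructed body.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="Postetikett_Deutsche_Post_AG_ DE355-35.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for attachment, member in risky_zip_members(build_sample()):
        print(f"quarantine: {attachment!r} contains {member!r}")
```
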