Hi Guys,
There are some FedEx / UPS type emails that are making the rounds. These emails are FAKE.
edit: Additionally, there is a secondary way to be infected:
Some infected sites will ask you to download a codec in order to play video or audio content on their site. Do NOT do this! If it's not flash, real, or Windows Media supported, chances are you DON"T need it. Other than the method of delivery though, the payload is the same.They will say something to the effect that an attempt to deliver a parcel failed, and to click on the attachment.
Please, never click on an attachment from an email like this. FedEx and UPS wouldn't send you an attachment to open, they would send you a tracking number, and a link to their website.
Here are some of the dead giveaways that you've received an email that may damage your system:
1. In many of these emails there are a crapload of spelling mistakes. They're usually glaring mistakes, and are obvious if you slow down and read all of the message. Too often we get caught because we're in too much of a hurry to read it carefully and notice that it's wrong.
Additionally, the way our brains are wired, we can actually read a message that's completely full of mistakes, because the brain can sort it out, sometimes without us consciously realizing it.
2. It has an attachment. Most companies these days know better than to send attachments to their clients. Especially as a zip or exe file.
3. It was unsolicited. In -most- cases, you will not be expecting a package from either of these companies. Though I had to clean up the mess from the latest version of this on 2 client computers, because they were actually expecting something.
Most of these email malwares and trojans etc rely on social engineering. They NEED a human to click on them. To be tricked into thinking that they contain information that they want or need.
The payload:
The goal of these emails is to install a little application on your computer that is incredibly difficult to remove. It will pop up advertisements saying that your computer is infected, and that Windows XP Defender or some such crap will protect you. It's very cleverly done. It will look a lot like it's an actual Windows Security Center Message. PLEASE don't be taken in by any of this. It's a scam, and it's an attempt to separate you from your hard earned dollars.
Take the time to make sure you're getting what you you think you're getting before you click on the attachments, and don't buy anything you didn't ask for. i.e. "Buy this, it will stop these messages"
Save your money. Don't give it to crooks. Spend it on your bike.