Home Malware Programs Trojans 'UPS' Email Virus

'UPS' Email Virus

Posted: March 27, 2020

The 'UPS' email virus is an elaborate tactic that cybercriminals use to propagate the Hancitor (also known as Chanitor) Trojan downloader. This threat is likely to be used to install additional malware on the computers it infects, so it is safe to say that this is a major security concern. Anyone can receive the 'UPS' email virus since the cybercriminals behind this campaign are likely to use publicly leaked email databases. If your address is in one of these databases, then there is a significant chance that you might end up getting one of these fake emails – if you are using a reputable email service provider, then the corrupted message may end up in your spam folder.

The bogus emails claim to come from UPS, and they are designed to look like legitimate messages from the popular parcel delivery company – the text is accompanied by the UPS logo and UPS-related graphics, as well as by a tracking ID. All of the information is fake, and its goal is to convince you that this is a trustworthy message. Recipients are asked to download and review an invoice file that contains an invoice – however, the file attachment is a corrupted document that is programmed to exploit Microsoft Office vulnerabilities. If the recipient uses an outdated Microsoft Office version, the Hancitor Trojan may be installed on their computer.

Fake invoice and delivery notices have been used by cybercriminals for many years, and it is important to remember that such emails should not be trusted blindly. If you did not expect a UPS shipment and received one of these emails, then it is very likely that it is part of the 'UPS' email virus campaign.