Malware-laced UPS delivery notifications are back on vogue as one of the latest versions offers two ways to suffer an infection.
The email’s body is simple. It reads something like: “You have attached the invoice for your package delivery. Thank you, United Parcel Service.”
The notification comes with two files attached to it. One of them is an executable file that hides a variant of the ZeuS Trojan (currently detected only by a handful of anti-malware solutions), said researchers at MX Lab.
The other one is an .HTML file which purports to contain “Important Delivery Information.”
When users click the link that should lead to an invoice, they end up going to another page that instructs them to download and install a plugin in order to view the document, the researchers said.
The plugin, JavaJREInstaller.exe, is another variant of the ZeuS banking malware.
Once that happens, the attackers snared another victim.