![]() ![]() Microsoft Word will tell you that macros - small scripts that can run in Office files - have been disabled, but the Word file tells you to "Enable Content" to see the text. Open that Word doc, and the text will be so blurry that you won't be able to read it. Here's where this scheme becomes more of a regular phishing/malspam scam, and where it's easiest to avoid. The crook has exploited a cross-site scripting (XSS) flaw in the UPS site to add their own code, which reaches out to another website to fetch and deliver a Word document to the site visitor. Click on either, and you land on a page on the UPS website telling you that "Your download will start shortly." That will display the destination URL at the bottom of your screen.īut in this case, you'll see a real UPS.com web address when you hover over the tracking number or the invoice link. Normally, you can avoid email-based phishing scams by hovering your mouse cursor over the link in the body of the message. However, it wouldn't be that difficult for the sender to "spoof" a legitimate UPS.com email address if they wanted to. The only tip-off that this is bogus is the address of the email sender, which includes "unitedparcelservice" but has a different dot-com name. ![]() You are invited to "download and print out the invoice to pick up the package at the UPS Store" or to click the tracking-number link. The deception begins with a convincing-looking email message notifying you that "your package has experienced an exception," defined as "when a package or shipment encounters an unforeseen event." ![]() How the phish works - and how to avoid it But it won't be the last time this method is used in phishing and "malspam" (malicious spam) campaigns. UPS.com has since fixed the particular flaw that permitted the crook to inject malicious code right into the company website, and most of the best antivirus software detects the malicious Word doc. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |