Cyber criminals are targeting businesses with a UPS invoice phishing campaign that has already spat out 540,000 bogus messages.
AppRiver researcher Jonathan French reported uncovering the scam, warning that the criminals have already sent over half a million emails using 116 different compromised domains. French said the bogus UPS invoices are loaded with a malicious link to one of the compromised sites, which when clicked infects the victim's machine with malware
French wrote: "This morning a malware campaign started coming in as fake UPS invoice emails. The messages looked legitimate in their formatting with a standard UPS email. Every link in the message, however, took the user to a compromised website," he wrote
"The URLs themselves used a similar formatting after the compromised domain name, usually including some variation of the UPS domain name in them. The threat is a Kryptik Trojan that is placed using a Java exploit. After clicking on one of the links, the user will be brought to a page telling them they are being redirected. From there, the Java exploit begins and the malware gets installed."
The campaign is one of many phishing scams using the UPS brand to dupe web users. Prior to it a similar scam was detected in September 2012. The campaign targeted Apple fans with bogus emails masquerading as iPhone 5 UPS delivery notifications on the eve of the smartphone's launch.
French said the attacks can be mitigated if employees use common sense and follow basic best practice when using their company email.
"It's always good practice to be cautious of unexpected emails from large retailers or service providers. Most browsers will also show you link URLs in the bottom of the browser windows if you hover over a link without clicking it," he wrote.
"If the URL is taking you to an unknown site or one that does not belong to the email sender, that is usually a red flag that there may be something malicious going on."
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all
Applicants for parking bay suspensions put at risk of credit card fraud by Islington Council