Showing posts with label UPS Delivery Problem. Show all posts
Showing posts with label UPS Delivery Problem. Show all posts

Tuesday, March 2, 2010

Inbox - Subject: [virus Win32/Oficla.DH Troyano] UPS Delivery Problem NR 31125. What is UPS doing about these crimminals?

wotannw356@fortran.com>
Received: from 222-154-79-186 is an invalid IP Address.jetstream.xtra.co.nz (222-154-79-186.jetstream.xtra.co.nz [222-154-79-186])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o226W8jO000771
for <xxxxx@xxxxx>; Tue, 2 Mar 2010 07:32:13 +0100
Received: from 222.154.79.186 by mx1.swcp.com; Tue, 2 Mar 2010 19:31:57 +1200
Date: Tue, 2 Mar 2010 19:31:57 +1200
From: "Postal Support Christine Spivey" <parcel.delivery@ups.com>
X-Mailer: The Bat! (v3.71.01) Home
Reply-To: wotannw356@fortran.com
X-Priority: 3 (Normal)
Message-ID: <583385633.38126869506208@fortran.com>
To: xxxxx@xxxxx
Subject: [virus Win32/Oficla.DH Troyano] UPS Delivery Problem NR 31125.
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------5F59AF44A82720"
X-UIDL: ?LT!!@'^!!,1~!!HP3!!
Status: U
X-EsetResult: clean (cleaned), contained Win32/Oficla.DH trojan
Old-X-EsetId: E75C98239060233DFD14C73FC27F253DA219927D
X-EsetId: E75C98239060233DFD14C73FC27F253DA219927D
X-EsetScannerBuild: 6677
Dear customer!

We failed to deliver postal package sent on the 1st of December in time
because the recipient’s address is not correct.
not expecting a package so warning sign

Please print out the invoice copy attached and collect the package at our department.

United Parcel Service of America.
What is UPS doing about these crimminals? Check IP address - http://www.find-ip-address.org/ip-address-locator.php
222-154-79-186 is an invalid IP Address which prooves that crimminals are behind this email


__________ Alerta de ESET NOD32 Antivirus, versión de la base de firmas de virus 4907 (20100302) __________

Alerta, ESET NOD32 Antivirus ha encontrado las siguientes amenazas en este mensaje:

UPS_invoice_Nr145.zip - Win32/Oficla.DH Troyano - eliminado
UPS_invoice_Nr145.zip > ZIP > UPS_invoice_Nr145.exe - Win32/Oficla.DH Troyano - era parte de un objeto eliminado
Posted by at No comments:
Labels: ,

Friday, February 5, 2010

Inbox - UPS Delivery Problem NR 01139. the attachment contains a TROJAN

Return-Path:
Received: from dsl-243-120-226 invalid IP.telkomadsl.co.za (dsl-243-102-194.telkomadsl.co.za [41.243.102.194])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o156MSar003608
for ; Fri, 5 Feb 2010 07:22:54 +0100
Received: from 41.243.120.226 invalid IP by mailstore1.secureserver.net; Fri, 5 Feb 2010 08:22:02 +0200
Date: Fri, 5 Feb 2010 08:22:02 +0200
From: "UPS Manager Ursula Skinner"
X-Mailer: The Bat! (v3.60.07) Professional
Reply-To: hopewell30@AnswerMove.com
X-Priority: 3 (Normal)
Message-ID: <849403296.81159917168806@answermove.com>
To: xxxx@xxxxx
Subject: UPS Delivery Problem NR 01139.
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------A711D3479E22B6"
X-UIDL: eK8!!0NI"!!GV!!G]N!!
Status: U
Old-X-EsetId: E74D982990713469F84B987C9E2072
X-EsetId: E74D982990713469F84B987C9E2072
X-EsetScannerBuild: 6533

Dear customer!

Unfortunately we were not able to deliver the package sent on the 4th of December in time
because the recipient’s address is wrong.
Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

These seem to come regularly and we have exposted them but no harm in advising our visitors again. IP Check for what it is worth as they could be using BOTS
http://www.find-ip-address.org/ip-address-locator.php
 Checking withboth IP´s are invalid - this is a crime!

Do not open attachment if you do download in error. I could have erased it on my server using JBMail
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)