We are seeing them come in. The common static denominators are: 1. Subject line "UPS Tracking Number" 2. Body contains" Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient's address is not correct. Please print out the invoice copy attached and collect the package at our office
Your UPS" Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Armbrecht Sent: Monday, July 21, 2008 4:23 PM To: declude.virus@declude.com Subject: [Declude.Virus] New Virus (.exe) in a zip attachment? We juat saw a new apparent virus/phishing threat come across trying to imposter as a failed UPS delivery notice. The file attached was called UPS_INVOICE_978172.zip and included a .exe file within. Is their anyway to catch these in the BanFile area of Declude? We do allow banned files within a zip in our current config. It would have to be set up as a wild card I imagine (assuming the numbers in the file name would change). We've only seen one of these so far, so do not have anything else to compare to to see if name is changing or not. ------- Randy A. Technical Support Director Global Web Solutions, Inc. 804-442-5300 http://globalweb.net --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
