Homepage MailGuard Pty Ltd newsroom
Register as BUSINESS Register as PR AGENCY Register as JOURNALIST

Your UPS package could not be delivered: Businesses alerted to new breed of fast-breaking email threat

Announcement posted by MailGuard Pty Ltd 19 Jul 2012

Cloud security expert MailGuard prevented thousands of highly sophisticated fast-breaking email threats reaching their intended destinations at Australian businesses yesterday. MailGuard recommends any business receiving email headed ‘Your UPS package could not be delivered’, not to open it under any circumstances.

“Any business who received the UPS package message should delete it and urgently review their email security - it should have blocked the email. Adequate and up-to-date protection is a must to stop new kinds of fast-breaking email threats and viruses,” said MailGuard CEO Craig McDonald.

The UPS email scam differs from traditional virus attacks because it doesn’t actually contain a virus. The recipient is tricked into downloading a tracking app which in turn downloads a virus in the background.

This type of attack can take out entire networks and lead to costly downtime, maintenance, system repair, and of course, lost revenue.

How the threat plays out:

  1. The email is intended to capture recipient interest; to make them think they have a package delivery – and who doesn't want a parcel?
  2. Most people ignore the warning signals telling them they aren't expecting anything.
  3. To track the "missing parcel" they're asked to install an executable file on their system.
  4. The executable file isn't a virus, but it is designed to download a virus when executed.

Preventing fast-breaking email threats

An organisation is open to these threats if using out-of-date desktop anti-virus protection or inadequate email filtering. Lax security often results when users are left responsible for updating their desktop anti-virus and ensuring virus definitions are current.

As the volume and sophistication of threats continues to grow, MailGuard encourages businesses to consider email and web security services hosted in the cloud. In this environment, a service provider manages all updates and service enhancements for their customers.