Examining a Malware-bearing Email (Trojan email)

I thought I’d take a different turn with the first article — and look at one of the nasty emails that arrived this week. No, not one of those emails, one of the emails that brought malware along with it. So let’s see what they’re trying to do to me (and to you, if you get these, too).

First, the malware-infested email is trying to use “social engineering” to get us to open it. What’s social engineering? It’s designing emails to mislead you into a gullible, unthinking response that does exactly what the bad guy wants. Sometimes, he wants your personal information. Other times, he wants to infect your computer. The name of his game is “money.”

The first one that made me think of this article was one that claimed to be a notice from the UPS delivery service. It read like this:

From: “UPS Mail Support”
To:
Subject: Your Tracking # 9473631090

Sorry, we were not able to deliver postal package you sent on October the 19th in time
because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office.
If you do not receive package in ten days you will have to pay 6$ per day.

Your UPS

Attachment: UPSInvoice8771.zip

First, let’s take a look at some of the email headers, especially ones that email users don’t normally see unless they look for them.
