Subject: FW: Please DO NOT OPEN emails with subject like: UPS Tracking Number
######Date: Thu, 28 Aug 2008 20:25:01 -0400From: [EMAIL PROTECTED]: [EMAIL
PROTECTED]
-----Original Message-----From: PAR MessengerSent: Thu 8/28/2008 4:08 PMTo:
PTC; PTI; PGSC; RRCCc: Roger Marcoux; [EMAIL PROTECTED]: Please DO NOT OPEN
emails with subject like: UPS Tracking Number ######We apologize for another
repeat of this message. However we have recently had several users contaminate
their PCs with the UPS virus. Again please DO NOT OPEN any emails that appear
to come from United Parcel Service [UPS]. The email contains a trojan style
virus and may require a complete and painful rebuild of your PC to eliminate.
Mcafee details are below.Up-to-date McAfee VirusScan users with DAT 5348 or
higher and minimum scan engine of 5100 are protected from this threat. To
check your VirusScan version, right click the 'V' shield in your system tray
(lower right hand corner of your display); left click on 'About VirusScan
Enterprise'. The Scan Engine Version and DAT Version will be listed in the
window. If you need any assistance in updating your McAfee software please
contact your local Help Desk. The virus attachment will have been removed by
our Exchange mail servers before the message reaches your mailbox. But as
always, any e-mail attachments should be handled with caution.Characteristics
-UPS has issued a warning about a new computer virus circulating as an
attachment to emails purporting to originate from the 'UPS Packet Service.' The
warning is authentic. The virus is real and is a new variant of Spy-Agent.bw.
It can connect to the following website to communicate stolen data, log actions
and receive instructions:* blatundalqik.ru The subject line
of the email message that contains the virus will be in the form of UPS
tracking code/number (such as UPS Tracking Number 9686554756) or something
similar.The bogus Packet Service messages claim a parcel sent by the user was
undeliverable due to an incorrect address. The user is instructed to open an
attachment containing a copy of the invoice. The attachment on the email
message is usually a zipped file that once opened will deploy braviax.exe and
burito.exe on your system. These two programs will run and continue to download
other dangerous programs to your computer. We have also noticed that the
programs disable antivirus programs that may be installed on the user's
computer. Properly updated antivirus programs prevent this from happening.
Spy_Agent.bw is a trojan. Unlike viruses, trojans do not self-replicate. They
are spread manually, often under the premise that they are beneficial or
wanted. The most common installation methods involve system or security
exploitation, and unsuspecting users manually executing unknown programs.
Distribution channels include email, malicious or hacked web pages, Internet
Relay Chat (IRC), peer-to-peer networks, etc.As a general rule, users should
always be wary of opening unknown file attachments, and maintain up-to-date
antivirus protection on their computers at all times.Thank you in advance for
your cooperation.This is the alert UPS is sending out about the virus. They
have also posted it on their web site:Attention Virus WarningWe have become
aware there is a fraudulent email being sent that says it is coming from UPS
and leads the reader to believe that a UPS shipment could not be delivered. The
reader is advised to open an attachment reportedly containing a waybill for the
shipment to be picked up.This e-mail attachment contains a virus. We recommend
that you do not open the attachment, but delete the email immediately.UPS may
send official notification messages on occasion, but they rarely include
attachments. If you receive a notification message that includes an attachment
and are in doubt about its authenticity, please contact [EMAIL PROTECTED] note
that UPS takes its customer relationships very seriously, but cannot take
responsibility for the unauthorized actions of third parties.Thank you for your
attention.
_________________________________________________________________
Talk to your Yahoo! Friends via Windows Live Messenger. Find out how.
http://www.windowslive.com/explore/messenger?ocid=TXT_TAGLM_WL_messenger_yahoo_082008
