Mark Berry April 19, 2012
Here’s a new variation on the airline ticket virus email that I reported on last November. An email supposedly from the United States Postal Service says that I have a parcel waiting in Kansas City, and tells me to open the attached file:
Don’t open the attachment! It’s a virus.
There are several grammatical errors in the email which should make one suspicious. Plus I doubt that the USPS would send an email with zip file attachments. In fact, the USPS has a prominent warning about these emails on their home page that links to this PDF document:
As usual, the icon for the extracted file is disguised to look like a document (in this case PDF), but if you turn off “Hide extensions of known file types” in Windows Explorer > Tools > Folder Options > View, you’ll see that it is actually an executable (.exe) file:
Fortunately, a day and a half after receiving the email, 27 of 42 anti-virus engines are detecting the attachment as a virus, according to VirusTotal:
Microsoft Security Essentials, updated 4/19/2012, catches this one:
Microsoft Security Essentials is free for home use and for small businesses with up to 10 PCs.