Computer Virus Masqueraded As UPS And DHL Delivery Failure

The Morning Ritual

During my daily morning working ritual, that is, clearing emails, answering queries, replying to Twitters and checking out my Facebook account, all done with multiple windows on my 2 laptops and 3 screens using Synergy, an email from UPS suddenly caught my attention and all work was put on hold to check out this email. I’m usually a multi-tasker (who’s not), but in this case, nothing is more important than to read this email.

What’s The Story?

The reason why it gets my 100% attention is because we’ve recently help a customer to dismantle their server appliances from their Singapore office and ship them to their Belgium office, using UPS as our courier service. That job alone cost around S$4,900 for the shipping fees and the cargo itself is estimated to be around S$90,000. We almost make a loss for this job because another vendor who estimates the weight of the cargo for us miscalulated the total weight by a difference of over 90kg, meaning that the buffer charges we impose on the customer plus our profits have almost all gone down the drain, and if includes the manpower to do the migration, this definitely is a loss job. Any hiccups for this shipping is therefore not tolerated and that’s why my heart sinks and my mind froze when I read the first sentence from the email.

What’s In The Mailbox?

For your viewing pleasure, I’ve pasted the image of the email below:-

Computer Virus Masqueraded As UPS And DHL Delivery Failure

Computer Virus Masqueraded As UPS And DHL Delivery Failure

If you can’t see it, below is the exact mail from “UPS”:-


The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly!

Please attention!
The shipping label is attached to this e-mail.
Please print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox.

Thank you.
United Parcel Service of America.


If you are in my shoe, will your heart pound fast and your brain starts to go berserk when you see this email?

Congrates if you don’t, you have a very steady heart :)

What’s The Give?

Thanks to my years of training as a I.T. professional, I’m able to recollect myself and start to think and work logically after the initial shock. The few things I noticed amissed are:-

  1. The email was send to me via my delson(at) account, which I immediately knows something was wrong because our UPS account is not linked to this email!
  2. I’ve corresponded with UPS multiple times before and the format and structure of this email seems not to be the same as those I’ve received from UPS previously.
  3. The tracking number seems to be shorter than usual for UPS, again, this is based on our frequent shipping experience with UPS itself.

With these 3 doubts that I have, I begin to suspect this is more of a rogue email rather than a legitimate one. I blew a breather and starts to relax myself a bit. At least right now I can “rest in peace” knowing that nothing was wrong with my recent shipping ;p

Don’t Do This At Home

It’s been a long while since I’ve gotten myself so exited, especially receiving any official email from anybody, I decided to kill my curiosity cat and open the attachment.

By doing so, I can learn more about this type of fraudulent email and secondly, to test my new version of AVG Internet Security software :)

I look for my AVG icon on my bottom-right taskbar and double-click to open it and make sure it is updated and running properly. This is especially important because what I am going to attempt to do will have a very avast result if my AVG Internet Security software is not running properly.

I double-click on the attachment (please be reminded again NOT to attempt this action if you are not prepared for any disastrous result and if your data are not backed up) and the zip file was opened to show an .exe file embedded in it. See image below:-

Rogue .exe File In Email Attachment From UPS

Rogue .exe File In Email Attachment From UPS

When I double-click on the .exe file, AVG kicks in and flagged it as a trojan and immediately blocked the access to the file and safely quarantined it away from me.

Well, this proves that my hunch was correct and that my AVG Internet Security software is working fine too.

I then delete this email from UPS and pops comes the next email from DHL, same format, same structure. See below:-

Fraudulent Email From DHL Regarding Shipping Failure

Fraudulent Email From DHL Regarding Shipping Failure

Even the attachment contains the same type of .exe file too, see below:-

Fraudulent Email Attachment From DHL Regarding Shipping Failure

Fraudulent Email Attachment From DHL Regarding Shipping Failure

Since I’m receiving these emails, I’ll presume that everybody will be receiving too, either sooner or later, but definitely will be, and therefore I’m writing this post to alert everybody about it. Please ensure that  your system is protected with an anti-virus software  and that it is updated to the latest version with the latest virus definition file.

Which AntiVirus Software I recommend?

For me, I’ll recommend AVG software (almost 95% of our customers are using AVG software and some has already renewed it twice since their first usage.)

Do note that AVG software comes with 2 years subscription and when my customer has renewed it twice, it means that they have been using it for more than 4 years already.

If  you are having a  little budget problem, feel free to download your free copy of AVG Anti-Virus Free Edition 9.0. There is absolutely no charge for this edition of AVG software but do note that this is just an antivirus software and do not have any firewall or antispyware to protect your system.

Alternatively, you can get FREE McAfee Internet Security software, which includes firewall and antispyware, with FREE 6 months of subscription just by becoming McAfee’s Official Facebook Fan.

Whichever you choose is not important, they are all great software, as long as you MUST choose one and get it installed in your system will do.

Good luck and have a great day.

Spam Protection by WP-SpamFree

Copyright © 2018 Pacific LANWorks Pte Ltd – System/Network Integrator, Accounting, HelpDesk Support & Maintenance
All Rights Reserved • Powered by juzzhost | Founded by Delson Moo
LiveZilla Live Chat Software