In an attempt to proactively notify you of new internet security threats, we want to inform you of a serious email trojan outbreak that you should be aware of and act upon.

There are currently a significant amount of threat based emails that are representing themselves as Shipment Notifications from the major world shippers: UPS, Fedex & DHL. The email may claim that the shipper was unable to deliver a package due to an incorrect mailing address. The email then asks the recipient to print off the attached shipping label in order to claim their package. In reality, the attachment contains a nasty piece of malware, particularly a Trojan, which may copy itself into your computer.  DO NOT OPEN this ZIP file. Period. It contains a software threat known as a trojan horse.

A Trojan horse is an attack method by which malicious or harmful code is contained inside apparently harmless files. Once opened, the malicious code can collect unauthorized information from your computer that can be exploited for various purposes, or permit your computer to be used surreptitiously for other malicious activity. The emails are sent to specific individuals rather than the random distributions associated with a phishing attack or other Trojan activity. (Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that can be used for identity theft.)

While most of the threat prevention tools out there are quickly catching on and addressing the issue, Kreative is still experiencing a lot of customers who are having problems with this by opening these emails from unsuspecting individuals. The fact that they show the origination email as " This e-mail address is being protected from spambots. You need JavaScript enabled to view it " for example, many spam firewalls are allowing it to pass through to your Inbox.

Typically they have verbiage such as shown below:

START

Dear customer!

Unfortunately we failed to deliver postal package which was sent on the 5th of December in time because the recipient’s address is incorrect.

Please print out the invoice copy attached and collect the package at our department.

United Parcel Service of America.

END

While this is not a new technique, we have been seeing it turn back up in large quantities again. All of the shipper’s are fully aware of the problem but because the emails aren’t actually originating from them, there’s not much they can do.

What can you do? – First and foremost, do not open the attachment. If you receive anything from UPS, Fedex or DHL related to a shipment, it will most likely be in PDF format (which is safe). If you perceive it’s a real email related to a shipment you have placed, logon to the appropriate shippers website and check the status of your package there or simply call them.

Second, if you have already opened one of these email attachments and you have a threat prevention software … that is currently updated … you will receive a notice in the form of a pop-up window stating the your software identified the threat. If you have opened an attachment and did not receive a notification then you should be concerned and seek assistance, either from the Kreative team or your own IT provider, to identify why your software did not identify the threat and help to address the removal of any possible Trojans’ you may have received.

Should you have any questions or concerns about the outbreak or need assistance in identifying whether your computer has been affected, please feel free to contact the myKreative Support services team. We will ensure that you workstation(s) are safe and secure.