Pushdo Sends Fake UPS Invoices

Every weekend, for some months now, the Pushdo botnet routinely sends out spam with zip archives attached and usually a celebrity video theme to lure users. The zip file is usually named film.zip or video.zip and contains an executable file.

Over the last weekend Pushdo has been sending emails that claim to be from the "UPS Packet Service" and claims that a package you have sent could not be delivered and that the attached "invoice" needs to be printed out in order to collect the package.

The attached file is ups_invoice.zip containing the file ups_invoice.exe. As an added deception the executable file also has the same icon as an MS Word document.

This file is currently not well detected by antivirus engines. Users should always be wary of opening any type of attached file from unknown or even known senders.

MailMarshal customers are protected from these Pushdo emails with SpamCensor 253.