Cyber criminals are targeting businesses with a UPS invoice phishing campaign that has already sent over half a million spam emails.

UPS is not the first well known logistics company to be used as the bait in a phishing email, as cyber criminals think it is likely that businesses have probably used their services before and are therefore more likely to follow the instructions in the spam email. The fake UPS emails contain malicious links to compromised sites which infect the user’s machine with malware when clicked on.

The phishing email looks like a legitimate invoice from UPS but every link in the email when clicked tells the user they are being redirected, then the java exploit begins and the malware is installed. The threat to the businesses IT Security is a kryptik Trojan which is placed using Java exploit.

Businesses must continue to make staff aware of the latest phishing scams so they are not caught out. They should also provide basic staff training on what to look for in a phishing email.

At Topsec Technology we provide IT Security Services including business antivirus software and email filtering to protect your business against such scams. Contact us for more information about our services and download a business antivirus Free Trial.

Source: http://www.v3.co.uk/v3-uk/news/2282716/bogus-ups-invoice-phishing-scam-hits-businesses