A brand new phishing attack is disguising itself as a UPS email that appears legitimate but utilizes a vulnerability in UPS’s main website.
UPS delivers over 21 million packages a year and has over 26 percent of the parcel service market share, making this an effective way to target inboxes.
All of the links in the email are legitimate except for the button that opens the track package page. It contains a malicious payload that exploits an XSS vulnerability. This vulnerability is exploited to eventually download a malicious Word document that then delivers another malicious payload.
Attacks like this demonstrate how crafty attackers can be and how tricky it can be to spot a phishing email. Using a professional product like Acronis Advanced Email Security means emails with malicious links and attachments are filtered from your inbox to protect you.
#UPS #phishing #malware #Acronis #CyberFit #CyberProtection #AcronisCyberProtectCloud #CyberSecurityNews #CPOCNews #CPOC #CyberSecurity #CyberProtect
Don’t get caught unaware. Stay up-to-date on what’s happening in the cyber protection world. Subscribe for more news from our Cyber Protection Operation’s Center.
Learn more about #CyberProtection: