Emailed Virus Threats (Part II)

This morning, I received an inquiry about a virus threat in the form of an email from UPS or FedEx claiming that they had a package with an incorrect delivery address that needs correcting. The user is asked to open an attachment to begin the process of correcting the address. The email threat is verified at

In an ongoing effort to help us all understand and evaluate these threats for ourselves, I wanted to comment on this particular email, which is being circulated with the opening line “With Christmas fast approaching, watch out for this … be alert!!!”

While does indeed verify that this virus is in circulation, it was first identified in July, nearly six months ago. In relative terms of the life cycle of an email virus, dinosaurs ruled the earth six months ago. However, this is a learning opportunity, so I will explore the points you can use for self-defense against this kind of fear-mongering:

1. If you’re keeping your anti-virus software up to date, the only virus alerts you need worry about are those that come to you from your anti-virus software publisher. By keeping the software up to date, you are keeping your computer protected from new viruses and certainly from viruses that are six months old.

2. This particular emailed virus appears to have been sent from UPS or FedEx and refers to a “Packet” shipment. This is not typical UPS or FedEx (or even U.S.) usage. Typically the term we use in the States is “Package.” This nuance is important to note, because many virus threats like this originate offshore, so being alert to strange usage and obvious grammatical errors of the sort made by non-native speakers of U.S. English is useful in spotting many threats: viruses, financial scams, etc.

3. One use of the word “Packet” was misspelled as “Paket”. While we humans make typographical errors, the computers that automatically generate legitimate emails of this sort for UPS or FedEx, do not.

4. Finally, the presence of an attachment from anyone you don’t personally know is always a red flag. Companies like UPS, FedEX, your bank, your insurance company,, or any other legitimate e-commerce operation today will almost never include attachments. Always be wary of attachments ending in .exe, .zip and .doc. My personal policy is not to open these. Ever. If the contents are that important to me, I can find another way to get them that doesn’t involve the risk.

As always, questions about this topic, or any other, can be sent to the Tech Committee at lionstechgroup@REMOVETHISyahoogroups.ANDTHIScom. (Why does this email address look so strange?)