The Bredo malware has returned. Bredo, of the fake resume/greeting card fame has returned, this time as a fake package/tracking number notification. It will come as a supposed UPS information email, but instead of the usual UPS notification, it will not contain any info in the body of the email, but rather as downloadable attachment (major warning #1). The download is a zip file, which contains an exe (major warning #2)...

Currently, there are are only 2 AVs detecting this...Sophos and Nod32.

Thanks for the heads up.

I second jlreich. I'll pass on this information to my less-informed friends and family. Thanks, mjc.

I got two notifications this morning from UPS...one was real, the other was the fake and side by side it's rather obvious which is which. But, the fake is good enough to lure in the average 'Joe'.

I'm amazed people still fall for these kinds of things, why would you need to download and extract an exe just to get your tracking number?