Sophos XG and AP/APX users may experience issues registering to Sophos Central. More info available here: XG Firewall - Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
I have received this email a few days ago.
*** This is an automatically generated email, please do not reply ***
From: Canada Post [mailto:firstname.lastname@example.org] Sent: Tuesday, June 28, 2011 9:33 AMTo:XXXSubject: Package delivery failed for XXX !
We attempted to deliver your item at 09:23 am on June 28th, 2011.
The delivery attempt failed because nobody was present at the shipping address, so this notification has been automatically sent. You may arrange redelivery by visiting the link below or pick up the item at the Canada Post Office indicated on the receipt.
If the package is not scheduled for redelivery or picked up within 48 hours, it will be returned to the sender.
Label/Receipt Number: RT094019141HKExpected Delivery Date: June 28th, 2011Class: Package ServicesService(s): Delivery ConfirmationStatus: eNotification sent To download the shipping receipt, in PDF format, visit:http://www.canadapost.ca/cpotools/apps/track/personal/findInvoiceByPackageId.aspx?id=8374890988930To check on the delivery status of your mailing or arrange redelivery please visit the following URL: http://www.canadapost.ca/cpotools/apps/track/personal/findByTrackNumber?execution=e9s1 Thank you, Â© 2011 Canada Post Corporation
udiar14 - I thought it is real email I did press on the link below.
To download the shipping receipt, in PDF format, visit:
It did download the file and double click to open it. It did not open anything and maybe install an EXE.
I have a few questions:
1. Anyone knows if Sophos can find the EXE and remove it?
2. What the EXE is trying to do?
3. I did run the Sophos software on my laptop and it did not discover anything!!
4. I also run: Malwarebytes' Anti-Malware , Spybot - Search & Destroy , Windows Defender , none of these product found anything?
5. Am I safe? is my pc really clean?
We have had 3 users get this e-mail last night and this morning.
Two of them even clicked the links (:manmad:)
Did they really think that a Canadian postal service was going to be delivering them a parcel in the UK for F***sake where do we find these users from :mansad:
I have submitted it to email@example.com
Hopefully the sophos appliance will start catching it soon!
Hello udiar14, could you confirm if you have on-access scanning enabled? If not i would recommend a full system (inc scan of the affected system at the very least. IanRMartin thank you for your submission, it should be processed and in place shortly I would expect, if you see it still popping up please let us know. Thank you for the heads up though all.