According to this email, which purports to be from American package delivery company United Parcel Service (UPS), your new invoice is now available.
It urges you to download the invoice from the UPS Billing Center to view and pay the bill. The email includes the UPS logo and colour scheme and at least at first glance, may appear to be a genuine UPS notification.
However, the email is not from UPS and clicking the link will not download an invoice as claimed.
Instead, clicking the link downloads a .zip file that contains a seemingly innocuous Microsoft Word document.
When you attempt to open the Word document, you will be prompted to enable macros, supposedly for security reasons. If you do enable macros, a malicious macro will then download and install further malware.
Complex macros can be created using VBA (Visual Basic for Applications) and can be very helpful in some workflows.
But malicious VBA macros can also be created and distributed. In years gone by, macro viruses were common computer security threats. But, for the last several years, they have been much less significant due to the fact that later versions of Microsoft Office disabled macros by default and implemented other security measures.
However, criminals have apparently realized that many computer users will have forgotten about or have no knowledge of macro threats. Thus, malicious macros are again being used to spread malware.
In modern incarnations of the threat, criminals do not try to subvert in-built security systems but use simple social engineering techniques to get users to allow the macros to run. The criminals rely on the curiosity of recipients who may proceed without due caution in the hope of finally viewing the promised document content.
Unless you have a compelling reason, you would be best to leave macros disabled by default. And do not believe any message that claims that you must enable macros to view or interact with Microsoft Office documents.
This malware may be ransomware that locks your computer files and then demands that you pay a fee to the scammers to receive an unlock key. Or, the malware may be designed to steal information such as banking passwords from the infected computer.
Online criminals have been distributing malware via bogus UPS notification emails for a number of years. Be wary of any email that claims to be from UPS and urges you to click a link or open an attached file to deal with a supposed delivery error, pay a bill, or update account details.
UPS has information about recognising and reporting such fraudulent emails on its website.
Note that criminals use the names of other well-known delivery companies around the world in very similar malware campaigns.
An example of the malware email:
Original Source : https://www.hoax-slayer.net/fake-ups-invoice-links-to-macro-malware-download/