Do you ship post via UPS? Do you have an explanation to track packages and approve shipments? If so you be supposed to be on the lookout for a new phishing spam creation the rounds. The email comes from an explanation that appears to be “UPS Communication” with the subject of “Important Update”.
The email reads:
“Please note that we have made new and important changes to your account. Login to view new updates. MY UPS © 2011 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All Rights Reserved.”
The link MY UPS leads to a compromise website in the Seychelles. It appear the attacker have browbeaten a susceptibility in the Joomla CMS installed on the host. The webpage is in fact a screenshot of the real My UPS website with the form fields for login insert in the right location. It appears the Internet Explorer phishing filter is not up till now detecting this page as a phishing site. It is improbable the phishers are actually trying to access your UPS account, but quite are counting on the fact that most users reuse their usernames and passwords for multiple sites.
As customary the best defense is to never click a link in an email. If you think you are getting a communication from an organization you do business with, do the similar thing and open your browser and type in their address directly into the location bar.