It is designed to steal user's confidential information, such as passwords related to different web services or banking entities. It reaches the computer attached to an email message that passes itself off as a notification sent by the UPS company.

Windows 2003/XP/2000/NT/ME/98/95

Sinowal.WHZ is a Trojan designed to steal user's confidential information, such as passwords related to different web services or banking entities.

Sinowal.WHZ reaches the computer attached to an email message that passes itself off as a notification sent by the UPS company.

Sinowal.WHZ is easy to recognize, as it reaches the computer attached to an email message which seems to have been sent by the UPS company.

The message has the following characteristics:

• Sender: United Parcel Service of America
• Subject: Postal Tracking #%random characters%
• Message:
  Hello!
  
  We were not able to deliver postal package you sent on the 14th of March in time
  because the recipients address is not correct.
  Please print out the invoice copy attached and collect the package at our office.
  
  Your United Parcel Service of America
• Attachment: UPS_FAX_%random characters%.