According to researchers from GFI Software the security company, spammers are using the infamous PDF malware within their maliciously-crafted e-mails that pose as being sent from USPS. Softpedia.com published this on November 11, 2011.
Addressing recipients of the e-mail, the spam mail supposedly from USPS regretfully tells the reader that the company couldn't hand over the postal parcel he had dispatched on September 19, 2011 as the address where it was to be given didn't exist. The message finally requests the reader to find an attachment in the e-mail, which apparently contains the shipment sticker followed with taking its print out, and collecting the parcel from the postal service's office.
But, upon opening this attachment, which contains a file named USPS report.pdf, that when downloaded as well as run, however, produces malware. This malware subsequently begins infecting by connecting to one particular IP address, which works like a step.exe executable, in reality a FakeSysDef variant.
...
