The e-mail for all the world looked like it was coming out from UPS (it was sufficiently well-spoofed that its return did go there), and had a heading about a tracking number. There were a couple of "red flags" in the text (it mentioned a "postal shipment", for instance) but was structured so that most folks, at this time of year, would say "shit!" and click to see what was up ...
The attached file looks to be a zipped Excel file, but when you click on the zip file (yes, I was that fooled!) the was an .exe file in there. What's extra creepy about this is that AVG said "No virus found in this incoming message." so whatever is in that zip isn't yet in the database, or is sufficiently cloaked that it's not being recognized!UPS: Your Tracking # 677729870775
Sorry, we were not able to deliver postal package you sent on November the 25th in time because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office. If you do not receive package in ten days you will have to pay 36$ per day.
Your UPS Support Team
I just thought I'd pass along the warning that this nasty is out there ... I'm very vigilant about this stuff, and I was a click or so from having this on my system ... so wanted to have folks recognize this if it shows up in your in-box too!