Phishing emails have been, and most likely will be, the most used method of spreading malicious programs. In this case, if the user looks at the sender’s email address, they see [email protected][.]com, which is not a domain that UPS would use. One of the recommended defenses against phishing is to check the email address of the sender. This example shows a malicious sender, but it is also possible for attackers to spoof the sender address if they don’t need to handle replies. Any email that includes a download should be treated as suspicious, especially any Word or Excel file that seems to be “encrypted” or “secure” and asks the recipient to enable macros or click the “Enable Content” button to decrypt the content – these are almost always malicious files.