DHL Notification Malware Email

Outline
Email purporting to be from international mail delivery service DHL claims that a parcel has been sent to the recipient. The message advises the recipient to open an attached file to view the parcel tracking number and access more information about the delivery.



Brief Analysis
The email is not from DHL. The attachment contains malware that, once installed, can connect to malicious website and download additional malware components.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:

Scroll down to submit comments
Last updated: 12th March 2010
First published: 12th March 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example


Detailed Analysis
This crudely rendered malware message purports to be from international mail delivery service DHL. The message notifies the recipient that a parcel has been sent to his or her address and is expected to arrive within seven business days. It advises the recipient to open an attached file to retrieve a tracking number for the parcel along with more information about the delivery.

However, the email is certainly not from DHL and the attachment does not contain delivery information. Instead, the attachment harbours malware. Opening the attachment can install a trojan that can subsequently make connections to malicious websites and download additional malware modules. The malware can collect information from the infected computer and relay it back to Internet criminals.

Many recipients will quickly suspect that the message is not from DHL because of the very poor spelling and grammar. Moreover, DHL is very unlikely to contact customers via an unsolicited, generic email that contains delivery information in an attached file. DHL has been regularly targeted in the past by criminals intent on distributing malware. The names of other well-known delivery companies, including UPS and FedEx have also been repeatedly used by malware distributors. Another recent malware attack consisted of emails purporting to be from Post Express.



References
Sloppy spelling scuppers DHL malware spam attack
Not Able to Deliver UPS Package Malware Email
FedEx Incorrect Delivery Address Malware Email
Post Express 'Incorrect Delivery Address' Malware Emails
Spamvertised DHL notifications lead to malware

comments powered by Disqus

---

Pages in this month's issue:

1. "Photo U Got Tagged In" Rogue App
2. Internet Rumour: Ramsgate Abduction Attempts - Man With Grey Hair & Glasses Driving a Red Car
3. Little Rupert The One Pound Deer
4. Is Lemon A Cancer Killer That is 10,000 Times Stronger Than Chemotherapy?
5. Modelling Agency Overpayment Scam
6. Japanese Tsunami 'Whale into Building' Clickjacking Scam
7. Hacker Warning Hoax - Do Not Accept Friend Requests From Bobby Roberts
8. DHL Notification Malware Email
9. Crosses on the Beach at Santa Barbara - ACLU Suit Against Military Crosses And Prayer in the Military?
10. Scammers Exploit 'Facebook Closing Down' Hoaxes via Rogue Apps
11. July 2011 - 5 Fridays, 5 Saturdays, 5 Sundays
12. Craigslist iPad Giveaway Survey Scam
13. Buscopan Syrup Recall Warning
14. Facebook 'Virus Alert' - Charlie Sheen Found Dead
15. White Van with Red Dragon Abduction Alert Messages
16. Crocodile In Sugar Mill Sump
17. Australian Tax Refund Scam Email
18. Dog Comes Home With Deadly Snake Around His Snout
19. Bogus Hacker Warning - &#039 Between First and Second Names in Facebook Chat
20. False Virus Warning - Do Not Add "Smartgrrl15" Because Its a Virus
21. New Prison Photographs - Prison vs Work
22. Pepsi Can Email Hoax
23. False Story Claims 450 Gaza Grooms Wed Girls Under Ten in Mass Muslim Marriage
24. Baby Pacey Moore Prayer Request
25. Slow Dance Charity Hoax
26. Fake BBC News Alert Warns of Radiation Rain in Asian Countries
27. Yahoo Account Phishing Scam Email