Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 113 - April 2011 - Page 8

DHL Notification Malware Email

Issue 113 Start Menu

Previous Article            Next Article

Email purporting to be from international mail delivery service DHL claims that a parcel has been sent to the recipient. The message advises the recipient to open an attached file to view the parcel tracking number and access more information about the delivery.

Brief Analysis
The email is not from DHL. The attachment contains malware that, once installed, can connect to malicious website and download additional malware components.

Bookmark and Share
Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 12th March 2010
First published: 12th March 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: DHL notification

Dear customer.

The parcel was send your home address.

And it will arrice within 7 bussness day.

More information and the tracking number are attached in document below.

Thank you.
2011 DHL International GmbH. All rights reserverd.

Detailed Analysis
This crudely rendered malware message purports to be from international mail delivery service DHL. The message notifies the recipient that a parcel has been sent to his or her address and is expected to arrive within seven business days. It advises the recipient to open an attached file to retrieve a tracking number for the parcel along with more information about the delivery.

However, the email is certainly not from DHL and the attachment does not contain delivery information. Instead, the attachment harbours malware. Opening the attachment can install a trojan that can subsequently make connections to malicious websites and download additional malware modules. The malware can collect information from the infected computer and relay it back to Internet criminals.

Many recipients will quickly suspect that the message is not from DHL because of the very poor spelling and grammar. Moreover, DHL is very unlikely to contact customers via an unsolicited, generic email that contains delivery information in an attached file. DHL has been regularly targeted in the past by criminals intent on distributing malware. The names of other well-known delivery companies, including UPS and FedEx have also been repeatedly used by malware distributors. Another recent malware attack consisted of emails purporting to be from Post Express.

Bookmark and Share References
Sloppy spelling scuppers DHL malware spam attack
Not Able to Deliver UPS Package Malware Email
FedEx Incorrect Delivery Address Malware Email
Post Express 'Incorrect Delivery Address' Malware Emails
Spamvertised DHL notifications lead to malware

comments powered by Disqus

Previous Article            Next Article

Issue 113 Start Menu

Pages in this month's issue:
  1. "Photo U Got Tagged In" Rogue App
  2. Internet Rumour: Ramsgate Abduction Attempts - Man With Grey Hair & Glasses Driving a Red Car
  3. Little Rupert The One Pound Deer
  4. Is Lemon A Cancer Killer That is 10,000 Times Stronger Than Chemotherapy?
  5. Modelling Agency Overpayment Scam
  6. Japanese Tsunami 'Whale into Building' Clickjacking Scam
  7. Hacker Warning Hoax - Do Not Accept Friend Requests From Bobby Roberts
  8. DHL Notification Malware Email
  9. Crosses on the Beach at Santa Barbara - ACLU Suit Against Military Crosses And Prayer in the Military?
  10. Scammers Exploit 'Facebook Closing Down' Hoaxes via Rogue Apps
  11. July 2011 - 5 Fridays, 5 Saturdays, 5 Sundays
  12. Craigslist iPad Giveaway Survey Scam
  13. Buscopan Syrup Recall Warning
  14. Facebook 'Virus Alert' - Charlie Sheen Found Dead
  15. White Van with Red Dragon Abduction Alert Messages
  16. Crocodile In Sugar Mill Sump
  17. Australian Tax Refund Scam Email
  18. Dog Comes Home With Deadly Snake Around His Snout
  19. Bogus Hacker Warning - &#039 Between First and Second Names in Facebook Chat
  20. False Virus Warning - Do Not Add "Smartgrrl15" Because Its a Virus
  21. New Prison Photographs - Prison vs Work
  22. Pepsi Can Email Hoax
  23. False Story Claims 450 Gaza Grooms Wed Girls Under Ten in Mass Muslim Marriage
  24. Baby Pacey Moore Prayer Request
  25. Slow Dance Charity Hoax
  26. Fake BBC News Alert Warns of Radiation Rain in Asian Countries
  27. Yahoo Account Phishing Scam Email