Issue 151 - April, 2013 (1st Edition) - Page 17
DHL Notification Malware Email
Emails purporting to be from international mail delivery service DHL claim that a parcel has been sent to the recipient or that a parcel could not be delivered due to an addressing error. The messages advise the recipient to open an attached file to view a parcel tracking number and access more information about the delivery or print out a delivery label.
The emails are not from DHL. The attachments contains malware that, once installed, can connect to malicious websites, download additional malware components and steal personal information from the infected computer.
Subject: DHL delivery report
Our company’s courier couldn’t make the delivery of parcel.
REASON: Postal code contains an error.
LOCATION OF YOUR PARCEL: New York
DELIVERY STATUS: sort order
SERVICE: One-day Shipping
NUMBER OF YOUR PARCEL: ETBAKPRSU3
Label is enclosed to the letter.
Print a label and show it at your post office.
An additional information:
If the parcel isn’t received within 15 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $8.26 for each day of keeping of it.
You can find the information about the procedure and conditions of parcels keeping in the nearest office.
Thank you for using our services.
These crudely rendered malware messages purport to be from international mail delivery service DHL. One version of the message notifies the recipient that a parcel has been sent to his or her address and is expected to arrive within seven business days. It advises the recipient to open an attached file to retrieve a tracking number for the parcel along with more information about the delivery.
A later version claims that a parcel sent to the recipient could not be delivered due to an apparent addressing error. The message advises the user to open an attached file and print out a postal label to resolve the issue and collect the parcel. It warns that , if the parcel is not collected within 15 days, DHL will start charging a daily fee for storage.
However, the emails are certainly not from DHL and the attachments do not contain delivery information or addressing labels. Instead, the attachments harbour malware. Opening the attachment can install a trojan that can subsequently make connections to malicious websites and download additional malware modules. The malware can collect information from the infected computer and relay it back to Internet criminals.
Many recipients will quickly suspect that the message is not from DHL because of the very poor spelling and grammar
. Moreover, DHL is very unlikely to contact customers via an unsolicited, generic email that contains delivery information in an attached file. DHL is regularly targeted by criminals intent on distributing malware. The names of other well-known delivery companies, including UPS
have also been repeatedly used by malware distributors. Another such malware attack consisted of emails purporting to be from Post Express
If you receive one of these fake DHL emails, or a similar message claiming to be from another delivery company, do not open any attachments that it contains. Note also that some versions may try to trick recipients into clicking links that lead to compromised websites that also contain malware.
Last updated: March 21, 2013
First published: March 12, 2011
By Brett M. Christensen
Pages in this issue:
- Viral Facebook Message Falsely Claims that a Pictured Man is Posing as an RSPCA Officer and Stealing Dogs
- 'Bad Brit' - Nigel Farage and the Tory Party's Worst Nightmare
- Digital Pad ATM Skimming Device Warning
- UK National Lottery Scams
- Gun Owner Vehicle Tagging Hoax
- Carol's Story - Dating Scam
- Message Calls For Boycott of Starbucks For Its 'Attack on Traditional Marriage'
- Ransomware Warning
- Use Left Ear For Mobile Phone Hoax
- Bogus Warning - White Transit Van 'RH57 WSU' Trying To Steal Dogs
- Urban Legend - Couple Arrested at Airport with Dead Baby Stuffed With Drugs
- ACH Processing Service Malware Email
- Baby With Bong Protest Message
- Linda Singh - Blackberry Money for Forwarding Hoax
- Hoax - 'Punjab Rape Festival'
- Beware - 'Unsealed' Product Giveaways on Facebook
- DHL Notification Malware Email
- Fake CNN Emails About Pope Point to Malware
- Angolan Witch Spider - Giant Spider Hoax
- Bogus Health Warning - Scratch Card 'Silver Nitro Oxide' Coating Causes Skin Cancer
- March 2013 - Five Fridays, Five Saturdays, Five Sundays
- Australian Tax Refund Scam Email
- 'Confidential Document' Google Docs Phishing Scam