Don’t Claim This Package! DHL Email Malware Spam Alert!
by Debra N. Diener J.D. CIPP G
The scams keep coming so I want to alert you about a new malware attack that looks like a legitimate email from DHL Express International. I learned about the scam from Graham Cluley’s recent article (www.nakedsecurity.sophos.com; “A DHL delivery which is nothing but malware-Windows users warned of email attack”).
How does it work? It’s a variation on the typical scam model so Windows users need to be on the alert.
As Mr. Cluley explains, spam emails go out with a header making it appear to be from DHL Express International. The subject line reads “DHL delivery report”, the message states that the recipient has a package waiting for him but the delivery couldn’t be made because of an error in the postal code. The recipient might know he hasn’t ordered anything but maybe someone has sent him a package. So the unsuspecting recipient follows the email instructions to print off the label. The message instructs the recipient to then take that printed label to the post office to claim the package.
Of course the only “package” the recipient will get is the package of malware that’s in the label file attached to the email. In the case of the latest DHL scam, the recipient’s Windows computer now is infested with the Troj/Bredo-AGB Trojan horse malware.
Mr. Cluley’s article has an excellent screen shot of the scam email. As with so many of these scams, the heading and logo look authentic so it’s understandable that people who are rushed, or unaware of the scam, might open the label file. When in doubt, go to the DHL website, call the toll-free number and confirm if there is a package en route to you.
You might recognize the email as a scam but others you know might not. That’s why I want to share this scam with you so you can alert others.
______________
Ms. Diener is now an independent consultant on privacy, identity management, information protection and risk management. She served in senior managerial, legal, policy and legislative positions in all three branches of the Federal government. In addition to her privacy expertise, Ms. Diener played a lead role on such important domestic and international issues as criminal justice/law enforcement and financial services. She speaks frequently at industry and governmental conferences and meetings.
You may also enjoy reading
-
FRAUD ALERT: Package Delivery Email Scams Continue!
No sooner did we get the DHL email scam Fraud Alert posted then I received two new delivery service scam emails, one on UPS and one on FedEx. Both emails contained malicious attachments. The Fraudulent FedEx Express Email may look something like this: ... Continue Reading
-
Postal Service Warns: Do Not Open Bogus Package Delivery Emails
Beware of spam appearing to come from the U.S. Postal Service. Some postal customers are receiving bogus e-mails about a package delivery or online postage charges. The e-mails contain a link or attachment that, when opened, installs a malicious virus that can steal personal information from your PC. The e-mails claim to be from the U.S. Postal Service and contain fraudulent information about an attempted or intercepted package delivery or online postage charges. ... Continue Reading
-
FRAUD ALERT: Twitter Taunts Leads to Malware, Not Facebook Video
Twitter users, don't fall for this! A new scam uses direct messages to tease potential victims with a link to an embarrassing Facebook video. Try to view the clip, and you'll download a virus. How the Scam Works: You receive a Twitter direct message that seems to be alerting you to a video of yourself posted on Facebook. ... Continue Reading
-
FRAUD ALERT: Fake American Express Email Messages “Thanks for Updating Your Email”
American Express card holders beware! Scammers are using the credit card company's email address for a phishing scam. Consumers nationwide reported receiving fake emails informing them that their account's email address has been changed. These scam emails are remarkably sophisticated. Not only do they use the American Express logo, they copy the business's email design and color scheme. The fake messages even contain footer links labeled "View Our Privacy Policy" and "Contact Customer Service." ... Continue Reading
-
FRAUD ALERT: “DHL Tracking Notification” Email Scam
Fraudulent emails posed as being from “DHL Express” are being received by a number of businesses and possibly consumers as well. Although there may be other variations, the series of fraudulent emails I just received occurred like this: First, I received 4 emails early this morning that look like this: ... Continue Reading
