I recently received an email with a subject, “DHL Package delivery status”, and an attachment notifying me of a failed shipment via DHL. Similar email has been going around online for a while. If you have recently sent something via DHL and waiting for a delivery status from them, be sure not to fall for this hoax email and infect your computer with malware through this Phishing attempt.
DHL Package Delivery Status: Sample of Hoax Email
“Dear aneesh, with this message we notify you that shipment at your destination, tracking ID #30595788, has FAILED due to an address mismatch. To obtain your parcel please print out the attached document and contact DHL US support.
Feel free to contact us with further questions.
If you would like to speak to a DHL Express Support Agent, please call the DHL Service Desk at 1-800-527-7298.”
Cisco Threat Outbreak Alert has confirmed that the attached .Zip file contains a malicious .exe (executable file) that attempts to infect computers with malicious codes when executed.
There are few other variances of the email which are active online now, some of them are as follows:
1. Subject: DHL Express Delivery Notification Message TrackId-3ATZF0QF7R6J
DHL Express Tracking Notification: Wed, 31 Jan 2012 08:41:04 +1000
Custom Reference: 556569-Q256OT5P5OF
Tracking Number: FK4E-2723705313
Pickup Date: Wed, 31 Jan 2012 08:41:04 +1000
Wed, 31 Jan 2012 08:41:04 +1000 – Processing complete successfully
PLEASE REFER TO ATTACHED FILE FOR DETAILED INFORMATION.
Shipment status may also be obtained from our Internet site in USA under hxxp://track.dhl-usa.com or Globally under hxxp://www.dhl.com/track
Please do not reply to this email. This is an automated application used only for sending proactive notifications
Thanks in advance,
DHL Express International Inc.
2. Subject: DHL Express Tracking Notification ID A9ELGJGQD0CKGX4FQNQQ0
DHL Express Tracking Notification: Mon, 5 Feb 2012 13:07:27 +0100
Custom Reference: 63910-YAY5RC7MKH85
Tracking Number: 2N0-08810977971
Pickup Date: Mon, 5 Feb 2012 13:07:27 +0100
(Source: Cisco Security Center)
If you have come across similar emails, be sure not to open the attachment, but delete it from your Mailbox to protect your computer from this security threat.
Do you find this information useful? Share it with your friends on Facebook, Google+ or Twitter or your other Social Media. You can also follow me on Twitter @sarayoo.info or Google+ or Like me on my Facebook or on my LinkedIn for regular updates, technology tips and tricks, iPhone, iPad, other iOS devices tips, iOS App Deals, Blogging tips, etc. Please leave your comments in the comment section or contact me if you have any other questions.