Don't open dhl_n756512.zip

by Graham Cluley on March 27, 2009 | Comments Off

Filed Under: Malware, Spam

We have been watching a large scale malicious spam campaign posing (once again) as an email from courier firm DHL.

Just like last time the messages claim that DHL tried to deliver a parcel from you on the 14th of March, and that you need to print out the attached invoice (contained inside dhl_n756512.zip) and bring it to their office.

DHL Tracking Number malicious email

Of course, opening dhl_n756512.zip is not to be recommended. It contains the Troj/Agent-JJP Trojan horse and will put the security of your computer into remote hackers.

The emails that are currently arriving in our spam traps, battering down like hailstones on a tin roof, all use the subject line "DHL Tracking number" but have a randomly generated reference number.

Malicious emails claiming to come from DHL

Of course, the hackers are bound to use this trick again. And it's trivial for them to change the filename - so it's not as simple as simply avoiding files called dhl_n756512.zip. You actually have to be careful about *any* unsolicited file attachment you are sent.

Tags:

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.