DHL Deja Vu: Tracking malware continues to hit inboxes

Even if you're 53 years old, you're probably still like me and get a childlike thrill whenever the doorbell rings and a delivery man hands you a parcel.

And it's that desire to receive an unexpected package that hackers prey upon when they spam out messages claiming to come from the likes of DHL, FedEx and UPS, saying that a package could not be delivered to your address.

Today we're seeing a lot of spammed-out email messages in our traps which use precisely this trick.

A typical message (there are slight variations) reads:

Dear customer!

Unfortunately we were not able to deliver postal package which was sent on the 19th of July in time because the addressee's address is wrong.
Please print out the invoice copy attached and collect the package at our department.

Your DHL Delivery Services.

This isn't the most sophisticated attack in the world. For instance, if you check the From: header you'll find that the emails don't even go to the effort of pretending to come from a DHL email address. But there may well still be a fair few people who click on the attachment without taking the right care and attention.

And if you open the file inside the attachment (called M971c3e57.zip) you will be infected by the Troj/BredoZp-E Trojan horse, handing control of your PC over to malicious hackers.

It's worth repeating once again. Always be very very suspicious of unsolicited email attachments and make sure that your anti-virus software and anti-spam defences are kept properly up-to-date.

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations.