Beware! DHL Express malware attack appearing in inboxes

by Graham Cluley on October 15, 2012 | 3 Comments

Filed Under: Malware, Spam

Doorbell. Image from ShutterstockTake care folks if you're returning to your inbox today, after a weekend away. A malicious email could be lurking there - waiting to infect your computers.

SophosLabs has intercepted a widespread malware campaign that has been spammed out, disguised as a communication from DHL Express.

The emails have the subject line "Processing complete successfully", and claim to be a DHL Express Tracking Notification.

The emails look like the following (click on the image for a larger version):

DHL malicious email. Click for larger version

Attached to each of the emails is a file, DHL_Express_Processing_complete.pdf.zip, which contains malware that Sophos products detect as Troj/BredoZp-S.

If you unzip the file, and open its contents, you will be putting your Windows computer at risk of infection.

Malicious emails claiming to come from the likes of DHL, FedEx and UPS are nothing new. The reason why we continue to see malware attacks using this kind of disguise though is easy to understand - it works.

Don't allow yourself, your friends and family to be suckered in by social engineering like this.

Get clued up about security threats by reading sites like Naked Security (you can subscribe to our free newsletter or RSS feed if you like..).

Remember that you should always exercise caution about opening attachments in unsolicited emails.

Doorbell image from Shutterstock.

Tags: , , ,

3 Responses to Beware! DHL Express malware attack appearing in inboxes

  1. Scott says:
    October 15, 2012 at 1:56 pm

    Two hints that this is bogus: (1) it's a half-hour time zone. That's pretty rare. (2) capitalizing "Globally" is incorrect grammar. A company like DHL would never let this get into an email, especially an automated one that presumably was reviewed for correctness many, many times.

    Reply Report comment
  2. Vito says:
    October 15, 2012 at 4:16 pm

    No need to even open the message, much less read it. The subject line is already a FAIL:

    "Processing complete successfully"

    Yeah, right. Where? In Beijing? The nature of the message couldn't be any clearer if the subject line said, "This message sent by malicious morons."

    This sort of thing would be good comedy if so many hapless people didn't fall for it. I guess that makes it tragicomedy.

    Reply Report comment
  3. dave says:
    October 15, 2012 at 6:49 pm

    package delivery spam is so common that most people don't even look at it. This is not how you get notified of delivery activity. It's ALWAYS spam.

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.