“Please attention!” fake DHL delivery emails contain malware

It’s another day, which means (almost inevitably) there’s another malicious email campaign carrying a fake anti-virus attack.

Once again the bad guys are packaging their attack in an email which claims to come from DHL Delivery Services.

Please attention email pretending to be from DHL

A typical email, which has the subject line “Please attention!”, reads as follows:

Dear customer!

The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly.

Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox!

Thank you,
DHL Delivery Services.

Attached to the email is a file called label.zip, which Sophos detects as Troj/FakeAV-BEG. Even though there is some peculiar wording (and spelling) in the email it’s possible that some unwary users might fall into the hacker’s trap, and open the malicious attachment.

We are seeing many reports of this attack in our global network of traps right now.

Reports of the malware in Sophos's traps

If you receive one of these emails, don’t open the attached file as you could be putting your computer at risk of infection and allowing hackers to compromised your PC.