Sophos Cloud Optix
Take care folks if you’re returning to your inbox today, after a weekend away. A malicious email could be lurking there – waiting to infect your computers.
SophosLabs has intercepted a widespread malware campaign that has been spammed out, disguised as a communication from DHL Express.
The emails have the subject line “Processing complete successfully”, and claim to be a DHL Express Tracking Notification.
The emails look like the following (click on the image for a larger version):
Attached to each of the emails is a file, DHL_Express_Processing_complete.pdf.zip, which contains malware that Sophos products detect as Troj/BredoZp-S.
If you unzip the file, and open its contents, you will be putting your Windows computer at risk of infection.
Malicious emails claiming to come from the likes of DHL, FedEx and UPS are nothing new. The reason why we continue to see malware attacks using this kind of disguise though is easy to understand – it works.
Don’t allow yourself, your friends and family to be suckered in by social engineering like this.
Get clued up about security threats by reading sites like Naked Security (you can subscribe to our free newsletter or RSS feed if you like..).
Remember that you should always exercise caution about opening attachments in unsolicited emails.
Doorbell image from Shutterstock.
Two hints that this is bogus: (1) it's a half-hour time zone. That's pretty rare. (2) capitalizing "Globally" is incorrect grammar. A company like DHL would never let this get into an email, especially an automated one that presumably was reviewed for correctness many, many times.
No need to even open the message, much less read it. The subject line is already a FAIL:
"Processing complete successfully"
Yeah, right. Where? In Beijing? The nature of the message couldn't be any clearer if the subject line said, "This message sent by malicious morons."
This sort of thing would be good comedy if so many hapless people didn't fall for it. I guess that makes it tragicomedy.
package delivery spam is so common that most people don’t even look at it. This is not how you get notified of delivery activity. It’s ALWAYS spam.