A DHL delivery which is nothing but malware – Windows users warned of email attack

Just earlier this week, I warned about a malware attack that had been widely spammed out posing as a message from DHL Express International.

The trick, which is an old one, goes like this.

Cybercriminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx.

The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made.

Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email).

And with that, your computer is infected and under the control of malicious hackers who have just planted a Trojan horse on your computer.

As attacks go, it’s pretty unsophisticated. But the fact that we see attacks using this formula virtually every day indicates that it’s a ruse that works well for the online criminals, and continues to help them make money.

I must admit that sometimes it’s pretty depressing working in the computer security industry, when you see people fall for the same trick time and time again.

Here’s the latest example, an email with the subject line “DHL delivery report”:

[Image: Malicious DHL email]

The social engineering is simple, but it works. The email tricks you into believing that there is a parcel waiting to be shipped to you, but an incorrect postcode has messed the delivery up.

What does the email suggest you do? Print off the label (helpfully attached), and take it to your post office. But you best hurry! Because the email claims that they will begin to charge you if you dawdle too long.

It’s no wonder then that some folks will all too quickly open the attached file (called LABEL-ID-NY19032013-GFK78.zip in this case) and, as a result, infect their Windows computer with the Troj/Bredo-AGB Trojan horse.
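An added example, not part of the original post: a mail-filter check for the two traits described above, a courier brand in the sender name or subject that does not match the sending domain, and a ZIP attachment holding a Windows executable. The trusted domains, the extension list, the sample sender address and the archive member name are assumptions; the post does not say what the attachment contained.

```python
import email.policy
import io
import zipfile
from email.message import EmailMessage
from email.utils import parseaddr

# Assumptions: domains accepted as genuine per brand, and Windows-executable extensions.
BRAND_DOMAINS = {"dhl": ("dhl.com",), "fedex": ("fedex.com",)}
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")


def lure_findings(raw: bytes) -> list:
    """Return the reasons a raw message resembles the courier lure."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    findings = []
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    for brand, domains in BRAND_DOMAINS.items():
        trusted = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in claimed and not trusted:
            findings.append(f"claims {brand} but sent from {domain or 'unknown'}")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if not name.lower().endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                risky = [n for n in zf.namelist() if n.lower().endswith(RISKY_EXT)]
        except zipfile.BadZipFile:
            risky = ["<unreadable archive>"]
        findings += [f"{name} contains {n}" for n in risky]
    return findings


def build_sample(sender="DHL Express <notify@mail.example>",
                 inner="LABEL-ID.pdf.exe") -> bytes:
    """Constructed test message: sender and archive member name are made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(inner, b"placeholder bytes, not a program")
    msg = EmailMessage()
    msg["From"] = sender
    msg["Subject"] = "DHL delivery report"
    msg.set_content("Please print the attached label.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="LABEL-ID-NY19032013-GFK78.zip")
    return msg.as_bytes()
```

Calling `lure_findings(build_sample())` returns both reasons for the constructed message; a message from a trusted domain with a harmless archive returns an empty list.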

Of course, this isn’t really DHL or FedEx’s fault. Their company name is being abused by the criminals and their brand image tarnished through association with such attacks.

Maybe you’re well-read about malware threats and would never fall for an attack like this. But can you say the same for your aunty, your father-in-law, your friends?

Do your bit to make the internet a safer place by helping raise awareness of security threats with your friends and family. Maybe even suggest they read Naked Security or follow us on Facebook if you think that will help.

Stay safe out there.