A DHL delivery which is nothing but malware – Windows users warned of email attack

Graham Cluley
@gcluley

Just earlier this week, I warned about a malware attack that had been widely spammed out posing as a message from DHL Express International.

The trick, which is an old one, goes like this.

Cybercriminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx.

The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made.

Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email).

And with that, your computer is infected and under the control of malicious hackers who have just planted a Trojan horse on your computer.

As attacks go, it’s pretty unsophisticated. But the fact that we see attacks using this formula virtually every day indicates that it’s a ruse that works well for the online criminals, and continues to help them make money…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.