Don’t open dhl_n756512.zip

Graham Cluley
Graham Cluley @

 @grahamcluley.com
 / grahamcluley

We have been watching a large scale malicious spam campaign posing (once again) as an email from courier firm DHL.

Just like last time the messages claim that DHL tried to deliver a parcel from you on the 14th of March, and that you need to print out the attached invoice (contained inside dhl_n756512.zip) and bring it to their office.

DHL Tracking Number malicious email

Of course, opening dhl_n756512.zip is not to be recommended. It contains the Troj/Agent-JJP Trojan horse and will put the security of your computer into remote hackers.

Sign up to our free newsletter.
Security news, advice, and tips.

The emails that are currently arriving in our spam traps, battering down like hailstones on a tin roof, all use the subject line “DHL Tracking number” but have a randomly generated reference number.

Malicious emails claiming to come from DHL

Of course, the hackers are bound to use this trick again. And it’s trivial for them to change the filename – so it’s not as simple as simply avoiding files called dhl_n756512.zip. You actually have to be careful about *any* unsolicited file attachment you are sent.

Graham Cluley
Graham Cluley

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and hosts the popular "Smashing Security" podcast. Follow him on LinkedIn, Bluesky and Mastodon, or drop him an email.

You may also like...

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.