Malicious Spam Poses As Dhl Delivery Notification


Recommended Posts

27 March 2009, 17:06

Malicious spam poses as DHL delivery notification

A large scale malicious spam campaign is sending emails claiming to contain an invoice for a missed delivery from courier DHL. According to Graham Cluley of Sophos, the messages claim that an attempted delivery was made on the 14th of March. To claim their package recipients are asked to print out the attached invoice, supposedly contained inside of an attached zip file named "dhl_n756512.zip", and take it to a DHL office. The zip file attachment contains the Troj/Agent-JJP Trojan horse, which can allow an attacker to gain access to the user's system.

This isn't the first time Cluley has seen spam containing malware claiming to come from DHL. Less than a week ago he wrote about a similar e-mail containing a zip file named "DHL_DOC.zip" that contained the Troj/Bckdr-QSL back door Trojan horse. In the past spammers have often impersonated banks and financial institutions in bogus emails, however, spam claiming to be about a delivery from a well known courier company may be different enough to convince some users to open the file.

As usual, The H advises exercising caution when opening attachments and never open unsolicited email attachments.

See also:

Heise security - http://www.h-online.com/security/Malicious...n--/news/112949

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...