Fake DHL delivery notification carries Trojan to steal user info

Technically, this one’s not a “phishing scam,” but spam with malware–but it has the same effect.

Help Net Security reports that spam has resurfaced looking like legitimate email about an international package. From Help Net Security’s description:

They spoofed the sender information, making it look like the email was sent from” “DHL Express International Support “, and the subject line says that it’s a “DHL Express Notification for shipment for 26 Oct 2011,” says MX Lab.

Apart from the usual (legitimate) information about the company, the email contains a request not to reply to the email as it is used by an automated application and an invite to open the attached file for more details about the shipment:

When unzipped, the attached file revels an executable – DHL-Delivery-Notification-Message-102611.exe.

Red flag should go up once you see that the name of the attached “notification” message ends in .exe. Download apps from trusted Web sites–e.g., from the DHL corporate Web site–not from email. Just delete it.

The complete article is online at http://www.net-security.org/malware_news.php?id=1888.

Richard Gordon