Spam Mail Using DHL Name to Deliver Trojan

In a new spam outbreak, spammers are dispatching e-mails that purport to be from DHL, a company that delivers parcels. Consumers receiving the spam mail are told that the company could not deliver the parcel sent by them on March 14, 2009 due to the incorrect address.

Subsequently, the e-mail message directs the recipient to print out a replica of the bill provided in the attached file so that he can take it to the nearest DHL's office and collect the undelivered parcel.

The message also provides some details like the personal manager's name, fax number and customer service number. Besides, the message concludes by signing as "DHL International Ltd. All Rights Reserved". The purpose of providing all of the above details is to lend the spam mail an authentic and legitimate appearance so that innocent people could be easily tricked.

Graham Cluley, Senior Security Expert, Sophos, writes on a personal blog that if a user views the attachment named DHL_DOC.zip, his computer could be infected by a backdoor Trojan known as Troj/Bckdr-QSL that tries to take control of the infected system.

Interestingly, all the e-mails that the spammers have sent until now used only one caption - "DHL Tracking number" together with a randomly produced number.

Meanwhile, Cluley advises users that just like always, they should be extremely suspicious of attachments that come via unsolicited e-mails as well as ensure that their antivirus application is up-to-date, as reported by SOPHOS on March 23, 2009.

In the meantime, DHL said that there was no such parcel that the spam mail mentions. It also revealed that the company was in no way associated with the particular e-mail. Hence, it suggested users to delete the message for good.

The security experts state that the simple tip applies to all computer users working either from home or workplace so that they do not become infected.

The current spam mail has reminded the 'Tracking number Trojan' that associated with UPS in July 2008, resulting in large-scale computer infections and which astonished everyone because of its sophisticated ruse.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 3/28/2009