DHL Impersonated E-Mail Scam Produces Scareware
According to Pham Tuan Vu, a security researcher at BKIS, a new malware scam is circulating online that distributes fake e-mails, supposedly from the customer-care department of the internationally renowned express company DHL, in order to spread rogue anti-virus software, BKIS reported on April 5, 2011.
By exploiting end-users' greed and curiosity, cyber-criminals are sending e-mails with enticing content to trick recipients into opening an attachment.
Typically, the e-mail notifies the recipient that the parcel he wanted delivered will soon arrive, and instructs him to read the attached file carefully to get the tracking code and additional details. Specifically, addressing the customer (recipient), the enclosed text says that DHL sent the package to the stated residential address and that it will arrive in three working days, adding that further details along with the tracking code can be found in the attached file. SoftPedia published this on April 5, 2011.
But as soon as the attachment is opened, a virus that BKIS identified as W32.FakeDHL.Worm runs and pulls down phony anti-virus software from a certain Russian server.
The phony anti-virus, 'XP Home Security', instantly becomes active and dupes the end-user into agreeing to purchase the software's complete edition, supposedly to eliminate every malicious program it detected.
Examining the dates of the scans, as well as comments on VirusTotal about malware associated with the attack, makes it evident that the scam started during the first weekend of April 2011. The scam also seems to take various forms, such as one impersonating FedEx, possibly using the same type of bogus parcel-delivery notices.
Scammers have been using this bait for years to distribute their malware, indicating that even after many warnings people at large continue to be lured. The software that users are urged to purchase is called scareware because it attempts to frighten end-users into paying for licenses to remove infections that do not actually exist.
Users are advised to be cautious if they receive e-mails posing as notifications from DHL or other similarly popular express-mail services, since these are usually bogus e-mails carrying malicious attachments.
» SPAMfighter News - 14-04-2011