Malware-Borne scam E-mail Masquerading as DHL Caught- MailGuard

MailGuard the security company, of late, detected and deactivated a malware-laced e-mail campaign that scammers have been circulating while posing as DHL the renowned shipment service, published linkedin.com dated October 6, 2015.

The attack understandably is widely spread as it informs the e-mail receiver about certain parcel that's supposedly dispatched for getting sent to him.

A request follows in the spam mail for the recipient towards finishing the tracking process so he may get his tracking number as well as that he should substantiate his delivery address.

A hyperlink labeled 'tracking procedure' if clicked takes the victim onto one page that instantly asks to pull down one .com file. Unfortunately, this file is certain uncomplicated, small sized executable.

Although the .com file extension isn't malicious as such, but the scammer while playing his trick on the victim exploits the clash in names among the .com TLD online site URL and a command file with .com extension.

Unwitting recipients who open a given attachment hope they would get the 'DHL.com' site; however, they rather execute the malevolent binary.

And though e-mail filters effectively block malware-laced e-mails, the current scam electronic mail circumvents anti-spam filters via an indirect delivery of malware through one diverted URL.

Enterprises running under excessive pressure are likely to be vulnerable to the above kind of scams since they may easily miss out trivial things like in the address space of the e-mail sender. Thus, scammers exploit this trivial shortfall.

Consequently, the first and most appropriate manner of defense is creating awareness among staff and deploying web-filtering and cloud-based e-mail. Additionally multi-layered defense should be adopted comprising on-premise anti-spyware, anti-malware and anti-virus software.

Meanwhile, its isn't simply DHL the shipment service company that scammers attacked using malware-laced bogus electronic mails, remark security analysts. For, during October 2014, MX Lab another security firm began tapping one fresh Trojan serving fraudulent e-mail scam supposedly sent from Deutsche Post and DHL in connection with a parcel order. While many separate editions of the electronic mail were caught; however, a file named Ihrer Bestellung.exe was commonly contained in all the e-mail samples within one attached .zip folder.

» SPAMfighter News - 10/13/2015