New DHL Tracking Notification E-mails are Spam

Sophos is cautioning Internauts about one spoofed e-mail supposedly from DHL, which issuing a notification accompanied with a Tracking number and hitting inboxes during October 2011, is yet again disseminating a harmful Trojan, published Softpedia.com dated March 21, 2012.

Also, while bearing the same header "DHL Tracking Notification ID: [random number]" as within the previous scam, the new electronic mail has a widely different text. For e.g. it additionally tells the recipient that he can also acquire the shipment status by visiting the DHL website in the United States at http://www.dhl.com/track.

Thereafter, the e-mail makes a request i.e. users needn't answer it, as it is one mechanized application utilized merely to dispatch proactively.

Furthermore, a zipped file also appears as an attachment within the e-mail, containing malware, which's detected as Mal/BredoZp-B, to let external hackers capture end-users' data as well as compromise their Windows computers.

Importantly, PC-operators who utilize DHL's services for dispatching or getting parcels mayn't find anything harmful in viewing the e-mail, since it appears quite legitimate, as also open its attachment devoid of thinking twice.

An explanation why these delivery-related electronic mails are particularly successful is that the public in large number of instances place orders on the Net. Moreover, anyone who's in fact waiting for a package is very much expected to hasten in downloading the attached file devoid of thinking much about it.

Interestingly according to security researchers at Sophos, the trick though was old, yet it managed in trapping users easily enough. During October 2011, spammers deceived end-users with e-mail that asserted certain parcel had been sent back at the Royal Mail business address, while the e-mail itself had an official-sounding sender's id.

These days, numerous attempts are made for duping end-users into getting ensnared with rogue web-links, malware items, alternatively fraudulent e-mails, which seemingly originate from well-established organizations or businesses. Consequently, Internauts should exercise caution when handling file attachments irrespective of their source.

Security specialists further advise that users must consider again prior to viewing an unsolicited attachment that suddenly comes with an e-mail. Overall, they mustn't respond to dubious or spam mails, the specialists add.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 3/30/2012