Malicious spam poses as DHL delivery notification
A large scale malicious spam campaign is sending emails claiming to contain an invoice for a missed delivery from courier DHL. According to Graham Cluley of Sophos, the messages claim that an attempted delivery was made on the 14th of March. To claim their package recipients are asked to print out the attached invoice, supposedly contained inside of an attached zip file named "dhl_n756512.zip", and take it to a DHL office. The zip file attachment contains the Troj/Agent-JJP Trojan horse, which can allow an attacker to gain access to the user's system.
This isn't the first time Cluley has seen spam containing malware claiming to come from DHL. Less than a week ago he wrote about a similar e-mail containing a zip file named "DHL_DOC.zip" that contained the Troj/Bckdr-QSL back door Trojan horse. In the past spammers have often impersonated banks and financial institutions in bogus emails, however, spam claiming to be about a delivery from a well known courier company may be different enough to convince some users to open the file.
As usual, The H advises exercising caution when opening attachments and never open unsolicited email attachments.
- Dirty bomb mail leads to malware infection, a report from The H.