Security researchers have identified a new phishing email scam that is targeting customers of the DHL global delivery service.
Analysts with the Comodo Antispam Labs team reveal in a blog post that the phishing email purports itself to be sent from DHL Worldwide and uses the subject line “DHL Shipping Delivery Tracking Number” to support this falsehood. In reality, however, the scam is sent from “dalida.elali [at] werrtonholdings.com.au”, which is not a valid DHL email.
The scam asks DHL customers to verify package information in an attempt to steal their login credentials. To accomplish this aim, the scam requests that users log in at DHL.com/tracking, to which a link is provided. When they click on this link, however, the customers are redirected to a fake landing page where they are asked to access their account.
“After the phishing victim simply verifies their email address and enters the password, a page opens with the text appearing ‘Your email has been updated’ – making the victim feel as if all was an authentic transaction,” explains Comodo Antispam Labs. “In actuality, the log in and password have now been sent to the cyber criminals and they can immediately begin using that to access account and data information, or selling that information on the black market.”
According to Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs, the research firm came across this scam via specific IP and URL analysis as well as monitoring the data from users of Comodo’s Internet Security solutions.
“As a company, we work diligently in creating innovative technology solutions that stay a step ahead of the cyber criminals, and keep enterprises and IT environments safe,” he said.
Fake package verification emails are one of the oldest tricks among phishers and attackers. Some of the newest iterations of this scam even involve the use of ransomware.
To learn how you can avoid becoming a victim of this and other phishing schemes, please click here.