Story image

DHL phishing email drops malicious .exe file on curious victims

24 Jan 17

Another phishing email is doing the rounds in Australian inboxes, and this time it’s a fake email that appears from trusted courier company DHL.

Experts at MailGuard picked up on the scam in a blog post, which described that the fake email appears to contain details about a package being sent to the victim.

MailGuard says the email, sent from “DHL-Services Notification” contains an attachment with the ‘details’, but it is actually a malicious Trojan.

That Trojan is not a word document or PDF; it is an automatically executable .exe file that can monitor infected systems and potentially steal sensitive information.

MailGuard says those infected with the malware may not know they have been targeted until later when their details and bank accounts have been stolen.

The company says that DHL, Fedex and Australia Post are popular targets for scammers, as they are seen as trustworthy organisations with large customer bases. Victims are also curious about potential parcels coming their way, which makes them susceptible to clicking on fake emails.

MailGuard suggests that users trash emails that:

Don’t address you by name, use poor English or leave out crucial details that genuine senders would provide, such as tracking IDs

Are from senders you do not expect to receive emails from

Have attachments or downloads, especially those with .exe file extensions

Send you to a website that does not match the URL the email is supposed to be from.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.