Sophos: Spammed DHL Notifications Deliver Malware
A variety of spam campaigns leverage DHL's name to trick recipients into opening malicious attachments.
Sophos' Graham Cluley reports that Windows users are at risk from spam e-mails with the subject line "Express Shipment notification."
The messages, which have been sent out in large numbers, include an attached ZIP file that contains malware -- the email askes the recipient to "refer to attached report for full details."
"The filename of the ZIP file can vary, but takes the form 'DHL reportXXXXXX.zip' (where the 'X's are a random code)," Cluley writes. Sophos identifies the malware in the attachment as Troj/BredoZp-S.
"Of course, the emails don't really come from DHL -- and the fact that you may have received an email which has DHL in its 'From:' field does not mean that any computer systems at DHL have been compromised, but just that the attackers have forged the email headers," Cluley notes.
"Of course, this isn't really DHL or FedEx's fault," Cluley writes. "Their company name is being abused by the criminals and their brand image tarnished through association with such attacks."