Sophos: Spammed DHL Notifications Deliver Malware

Sophos' Graham Cluley reports that Windows users are at risk from spam e-mails with the subject line "Express Shipment notification."

The messages, which have been sent out in large numbers, include an attached ZIP file that contains malware -- the email asks the recipient to "refer to attached report for full details."

"The filename of the ZIP file can vary, but takes the form 'DHL' (where the 'X's are a random code)," Cluley writes. Sophos identifies the malware in the attachment as Troj/BredoZp-S.

"Of course, the emails don't really come from DHL -- and the fact that you may have received an email which has DHL in its 'From:' field does not mean that any computer systems at DHL have been compromised, but just that the attackers have forged the email headers," Cluley notes.

More recently, Cluley reported that a similar spam campaign uses a different attachment, disguised as a label to be delivered to the post office, to drop Troj/Bredo-AGB.

"Of course, this isn't really DHL or FedEx's fault," Cluley writes. "Their company name is being abused by the criminals and their brand image tarnished through association with such attacks."

