Spam Alert: Malware-Serving DHL Tracking Emails Currently Making the Rounds

It pays to be weary when it comes to the Internet. It would also pay to remember these three general truths:

• If it's too good to be true, then it usually is.
• If you don't know what it is, then don't click the link or download any unknown email attachments.
• If you're not sure what do, then don't do anything.

A lot of Internet experts say that it's better to be safe than sorry, and I agree. A lot of spammers and scammers rely on the natural curiosity of people to ensure the success of their scam campaigns. One such scam that's currently making the rounds around email inboxes of users from all over the world is the DHL Tracking Notification Email scam.

This scam was reported by security researchers from Sophos, who were able to intercept the malware campaign that sent out a number of obviously fake delivery notification emails to unsuspecting users. This isn't the first time that cybercriminals have used fake package delivery emails to propagate their scam, but this won't be the last time that they use it for one very, apparent reason: It works.

The emails are especially convincing because they don't have any spelling errors and sound grammatically fine. The subject reads "DHL Tracking Notification ID: [random number]" and the email is sent from "DHL International <notice@dhl.be>."

Attached to these emails is a ZIP file named "DHL-Express-Delivery-Notification-Details_03-2012_[random id].zip" that contains bits of malicious code. The malware is detected as Mal/BredoZp-B and Mal/Zbot-FV, which can open a gateway on your computer to let remote hackers steal your personal information and take control of your Windows PC.

So the next time you receive a package delivery notification email out of the blue, be very careful when you open it and never download the attachments for your cyber safety.

Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices