January 21, 2010

You can do without this "special" delivery

This just landed in my inbox:
The courier company was not able to deliver your parcel by your address.

Cause: Error in shipping address.
You may pickup the parcel at our post office personaly!
...The shipping label is attached to this e-mail.
Please print this label to get this package at our post office....

The message purports to be from DHL and sports a convincingly spoofed "dhl.com" e-mail address.

The attachment is called "DHL_Label_NR34791.zip," and that's the real tip-off.

Well, that and the fact that I'm not expecting anything to be delivered by anyone.

Even if I were, why would a simple shipping label be in a zip file?

It wouldn't. It would be a pdf, surely. Or I'd be instructed to log into dhl.com with my tracking number.

This attachment and others like it -- the numbers appear to be randomly generated (yes, I got 2 of them with different numbers) -- contains a Trojan that will install malware on your Windows computer. But even if you have a Mac, you should not open unexpected attachments from unverifiable sources.

For more on Bredolab, see Hoax-Slayer and Symantec.

Oh, and another tip-off? The poor grammar. "deliver your parcel by your address" should be "to your address," and there are two Ls in "personally."

No comments:

Post a Comment