New cybercrime phishing campaign exploits DHL. The lure is a receipt for a parcel, that must be printed and shown to the delivery agent when the parcel would arrive. But the attachment is a malware
Cybercrime is trying to spread malware with phishing, using DHL express as a lure. Last night we received a mail, formally by the courier, on a receipt for a parcel. In the message, there was written that we have to present this receipt attached to the delivery agent, when the parcel is delivered. But a fast scan on Virus Total let us understand that is a malicious code (detected by 29 on 59 engines). Some of them identify it as Heur Trojan, other as HTML/Infected.WebPage.Gen2. Furthermore, there is no track about the sender: Caroline Elvis. Couriers are periodically exploited as a bait by cyber criminals, especially in periods of a high shipping volumes as this, caused by the Covid-19 restrictions. DHL confirmed that attempts have been made to defraud Internet shoppers by the unauthorized use of the company name and brand via email communications and graphics.
The picture of the phishing email
The VirusTotal screenshot