When the mail services deliver dangerous packages

We are monitoring a spam campaign that is using the names of delivery services like FedEx and DHL to send the receiver to a website that installs malware.

With subjects like “Not possible to make delivery” or “Shipping service”, the emails make heavy use of social engineering by creating a sense of emergency in order to convince the receiver of the email to visit the website. The emails don’t carry any payload, the malware is hosted exclusively on compromised websites that usually have a good reputation.

fedex    dhl

This trojan is a typical bot: it contacts several Command and Control servers in order to receive further commands. All Avira products detect the malware as TR/Dldr.Dofoil.qty (check the link for further details about the malware).

We advise our readers to never respond in any way to the requests coming in such emails. The real delivery services might notify you via email about your packages, but if you want to check the status of the delivery in real time, you should never click on the links in the emails. And, in any case, they never send you invoices and other files attached to the email. If you should receive emails containing an attachment, never open it even if the file is not a program. Even PDF, DOC or HTML files can contain exploits for various vulnerabilities.

 

Sorin Mustaca

IT Security Expert

via Avira – TechBlog http://techblog.avira.com/2013/08/13/when-the-mail-services-deliver-dangerous-packages/en/


© Copyright 2013 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

Comments are closed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close