New phishing scam targets DHL customers

With the approach of the holiday season there's a spike in online shopping which means many people will be expecting the delivery of packages.

This of course is a window of opportunity for cyber criminals looking to steal personal information. It's perhaps not surprising then that Comodo Antispam Labs has identified a new global phishing threat, targeted at businesses and individuals who use DHL shipping.

The fake emails appear to come from DHL Worldwide and have the subject line 'DHL Shipping Delivery Tracking Number.' The tell tale give away is that the sender's email address is not on a DHL domain. The messages imitate the corporate style and logos of DHL, and are designed to capture logins and passwords to DHL accounts and package tracking information.

The phishing email headed 'DHL Capability Tool' asks recipients to click a link to obtain a tracking number for their delivery. If clicked the link leads to a site that will capture the user’s DHL ID and password.

DHL phishing email

"Through specific IP and URL analysis -- as well as the Comodo Antispam Labs' continuous monitoring and scanning of data from the users of Comodo's Internet security systems, our team was able to identify this specific phishing email scam and alert the public to it," says Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs. "As a company, we work diligently in creating innovative technology solutions that stay a step ahead of the cyber criminals, and keep enterprises and IT environments safe".

There are around 2.5 million users of DHL worldwide so the campaign has the potential to net those behind it a good number of unwary victims. You can find more information about the scam on the Comodo blog.

Image Credit: Maksim Kabakou / Shutterstock