Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Trojan horse contained in fake DHL e-mail

Sophos : 31 March, 2009  (Technical Article)
Spam designed to appear to come from DHL contains message attempting to get readers to execute zipped trojan
IT security and control firm Sophos is warning computer users to be on their guard following the discovery of a new large scale malicious spam campaign posing as an email from courier firm DHL.

The campaign is the second in the space of a week that masquerades as DHL, and the messages again claim that the courier company tried to deliver a parcel from you on the 14th of March, and that you need to print out the attached invoice (contained inside dhl_n756512.zip) and bring it to their office.

Computer users that fall for the scam and open dhl_n756512.zip will not see an invoice, but will actually download a malicious Trojan horse, known as Troj/Agent-JJP onto their PC giving hackers remote access. The emails all use the subject line 'DHL Tracking number' but have a randomly generated reference number.

'These emails are currently arriving so frequently in our spam traps, they're battering down like hailstones on a tin roof,' said Graham Cluley, senior technology consultant at Sophos. 'Computer users that have recently used DHL to send a parcel may see nothing wrong in opening what looks like a legitimate email and may click on the attached zip file without a second thought. By using big names, the fraudsters are attempting to trick more unsuspecting victims, and by changing the filename on each message, they're able to avoid less sophisticated spam filters. All computer users need to watch out and be careful about any unsolicited file attachment they receive, no matter who it claims to come from.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo