Aussies who love online shopping have been warned to keep an eye out for an email masquerading as popular delivery company DHL.
Due to their popularity, DHL are regularly impersonated by scammers looking to steal your personal information.
“There’s hardly a month that goes by where they’re not mimicked in a new email scam,” MailGuard said after intercepting the scam email.
“This month is no different.”
The email has the subject line “SHIPPING PACKAGE DOCUMENT CONFIRMATION”, and while the sender name shows up as ‘DHL Express”, the sender's email is not a legitimate DHL address.
“Although the email itself does not have the professional layout that you would typically expect from such a large company, it does contain DHL and DHL Aviation branding,” MailGuard said.
“The copy warns the recipient that a package has arrived for them at the DHL office, and that they need to confirm their delivery address.”
The potential victim is then instructed to click a button to view their receipt and have their package forwarded to the nearest DHL office.
“If the user clicks the link, they’re directed to a phishing site which closely resembles the genuine DHL website,” MialGuard said.
“The phishing page appears to be hosted on a compromised website which is not associated with DHL.”
MailGuard said a pop-up will then appear and the user will be directed to ‘Sign in to continue’ where their email has already auto filled.
When the user enters the required details and continues, they’re shown the error message “Server Response: Wrong Password”, and their email and password are harvested for later use by the scammer.
MailGuard advises all recipients of this email to delete it immediately without clicking on any links.
“Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being,” it said.