Australians have been warned about a phishing email pretending to be from DHL in yet another scam spoofing the shipping company.
Email security software platform MailGuard said it had intercepted a fraudulent email utilising DHL’s brand and logo asking users to click a link to “complete the payment of (1.99 EUR)”.
The MailGuard alert comes mere days after cybersecurity firm Avast flagged an SMS scam spoofing the global parcel delivery company that has already infected 60,000 devices worldwide.
The scam intercepted by MailGuard reads: “Dear Customer, Thank you for using DHL Express, your package is waiting for you. You must complete the payment of (1.99 EUR).
“Follow the safe link below to complete payment of your shipping fees. Expected delivery date: 26 August before the end of the working day. Best regards.”
Following the instructions is a red button that says “PAY”.
But the email isn’t real and hasn’t been sent from DHL at all, MailGuard said in an alert on Friday.
“The domain used in the URL of this page does not belong to the shipping company. It's actually a phishing page hosted on a third-party platform and is designed to harvest the above-mentioned credentials of users.”
Anyone who clicks the ‘PAY’ link will be directed to a page that again uses DHL’s logo and branding elements and is titled ‘DHL TRACKING’.
Users are told that their shipment will be completed if they confirm payment and click next.
Users who hit ‘next’ will be taken to another page that asks for the user’s name, credit card number, the card’s expiry date, and CVV or CVC number.
The following page requests more private information, including the user’s personal address, postcode, city, date of birth, phone number, and email address.
Those who complete this form and hit ‘next’ will be taken to another page that asks users to “please confirm the following payment” of $1.99 by entering an SMS code.
“We strongly advise all recipients to delete these emails immediately without clicking on any links,” MailGuard said.
Delivery companies such as DHL and Australia Post are common targets for scammers as they have massive customer bases. Furthermore, the timing of this scam coincides with the end of the financial year, a period when customers typically take advantage of discounts and sales.
“This is one of the busiest parts of the year for shopping and parcel delivery. Scammers know that receiving notifications related to parcel delivery isn't likely to be unusual in this period, and hence use lures like these to trick users,” MailGuard said.
“We’re all eager to get our shopping on time, so we might not think twice before clicking a link in parcel-delivery notifications.”
Signs of a scam: What to watch out for
When spotting an email scam, these are the dead giveaways you need to keep an eye out for:
The recipient isn’t directly addressed by name;
You’re hearing from an organisation you don’t normally hear from;
Spelling, grammatical, punctuation, style and design errors;
The sender isn’t from where they claim to be.
Emails will also often have an urgent tone such as “important message”, “your package is waiting” or advise recipients that the opportunity to act will end in a number of hours or days.
Extra effort will be put into making the email look as realistic as possible, such as including a fake delivery date, tracking code, and the presence of security features like a verification code via text.
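For mail administrators, several of the giveaways above can be checked automatically. The Python sketch below is an added example, not MailGuard's or DHL's code: it flags a generic greeting, the urgent phrases quoted above, and a message that names DHL while linking to a host outside DHL's domain. The allowlist entry `dhl.com`, the function names and the sample link are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely owned by the brand.
# Replace with a list you have verified yourself.
BRAND_DOMAINS = {"dhl": ("dhl.com",)}
# Urgent phrases quoted in the article.
URGENCY = ("important message", "your package is waiting")
GENERIC_GREETING = re.compile(r"^\s*dear (customer|user|client)\b", re.I | re.M)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def host_belongs(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_email(body):
    """Return a list of human-readable warning signs found in the body."""
    findings = []
    lowered = body.lower()
    if GENERIC_GREETING.search(body):
        findings.append("generic greeting")
    for phrase in URGENCY:
        if phrase in lowered:
            findings.append(f"urgent wording: {phrase}")
    for brand, domains in BRAND_DOMAINS.items():
        if not re.search(rf"\b{brand}\b", lowered):
            continue
        for url in URL.findall(body):
            # urlsplit().hostname ignores any "user@" prefix, so a link such
            # as https://dhl.com@other.example resolves to other.example.
            host = urlsplit(url).hostname or ""
            if not any(host_belongs(host, d) for d in domains):
                findings.append(f"{brand.upper()} named but link points to {host}")
    return findings

# Constructed sample: wording from the email quoted above, link invented.
SAMPLE = """Dear Customer,
Thank you for using DHL Express, your package is waiting for you.
You must complete the payment of (1.99 EUR).
PAY: https://dhl-tracking.example.net/pay
"""

if __name__ == "__main__":
    for finding in check_email(SAMPLE):
        print("-", finding)
```

A brand name inside the hostname proves nothing: only the registered domain at the end of the host decides who controls the page, which is why the check compares suffixes rather than searching for "dhl" in the link.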
Any scams spoofing DHL should be reported to firstname.lastname@example.org.
Australians should also report scams to ScamWatch.