Posted in the news thread on March 13, 2012:
Express Shipment Notification emails contain malware
Have you received an email with the subject line "Express Shipment Notification"?
If so, be on your guard - you could be at risk of infecting your Windows computers.
Online criminals have spammed out a large number of messages, claiming to come from DHL Express International, that are designed to install malware onto the computers of unsuspecting PC users.
Here is what a typical example of an email spammed out in the attack looks like: [Screenshot]
Tracking Notification: 449762627
Custom Reference: 594078O440
Tracking Number: XFLNH94244
Pickup Date: Mon, 18 Mar 2013 12:39:03 +0100
Mon, 18 Mar 2013 12:39:03 +0100 - Processing complete successfully
Refer to attached report for full details.
Attached to the emails is a ZIP file, containing malware. The filename of the ZIP file can vary, but takes the form "DHL reportXXXXXX.zip" (where the 'X's are a random code).
Continued : http://nakedsecurity.sophos.com/2013/03/18/express-shipment-notification-emails-malware/
On March 20th from the same source:
A DHL delivery which is nothing but malware - Windows users warned of email attack
Just earlier this week, I warned about a malware attack that had been widely spammed out posing as a message from DHL Express International.
The trick, which is an old one, goes like this.
Cybercriminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx.
The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made.
Either way, you can't resist being curious as to what the email is referring to - and open the attached file (or click on a link embedded inside the email).
And with that, your computer is infected and under the control of malicious hackers who have just planted a Trojan horse on your computer.
Continued here: http://nakedsecurity.sophos.com/2013/03/20/dhl-delivery-malware/
In the future, I would suggest deleting it..
One had my aunt and cousin's last name. That I deleted. Just recently, I got an email from DHL Shipping saying they could not deliver it on July 1 and it contained two hyperlinks and both were .zip's.
WinZip couldn't open either one, one had tracking info and the other was for the item. I uninstalled WinZip, checked files and folders, yup, one there and went into the registry and removed all in there. Restarted, used CCleaner 4.03 to clean it all out. Then reinstalled it from a flash drive. Darrell